After 2 months in which Microsoft released only a smattering of security fixes, the company on Tuesday issued seven security patches, two of which it identified as critical. However, the software giant still hasn't fixed a set of glaring problems with Microsoft Internet Explorer (IE), its dominant Web browser that has come under increasing attack in recent weeks. The two critical fixes address problems with Windows components, including the Task Scheduler and HTML Help; both problems affect numerous Windows versions. And in both cases, a successful exploit could lead to remote users running code on infected systems, leading Microsoft to label them as critical vulnerabilities. A third fix, which patches an important security vulnerability in Windows NT 4.0 Service Pack 6a (SP6a), relates to that system's Microsoft IIS component. A successful exploit of this bug could also let an attacker take over the system, Microsoft said. Another important patch, which affects Windows Server 2003, Windows XP, Windows 2000 Server, and NT 4.0 fixes a bug that can be exploited only when a malicious user gains a valid logon with Administrator privileges. By using a flaw in the Windows shell, that user could remotely take control of the machine. All the fixes are available through the usual Microsoft software patch systems, including Windows Update and Automatic Updates. Administrators and others looking for more information about all seven patches should refer to the Microsoft Web site. In related news, Microsoft on Tuesday released a tool that will remove the Download.Ject virus from infected computers. Earlier this month, the virus, which exploits a still-unpatched hole in IE, caused security researchers to start warning users to avoid Microsoft's bug-ridden browser. The tool is available for free download from the Microsoft Web site.
End of Article
This article could have used a little more information on the fixes that Microsoft has issued.
jeffchil July 14, 2004 (Article Rating: )
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
While Microsoft is still investigating a notebook battery life issue that was supposedly caused by Windows 7, some interesting trends have emerged. ...
Microsoft on Monday issued a lengthy statement about the recent Windows 7 battery controversy, echoing my assessment from earlier in the day, but backing it up with hard, cold evidence. ...
Should Your Email Live in the Cloud? This Forrester report shows how-to calculate your on-premise email costs and compare with cloud-based alternatives and offers best practices for reducing email costs.
New from Left-Brain.com - Manage VMware with PowerShell Learn how to perform everything from simple ad-hoc reporting at the command-line to complex scripts that automate a massive deployment of hundreds of virtual machines. Solve your old problems using less code than you thought possible!
Register
jeffchil July 14, 2004 (Article Rating: