• On GameSpot: Toys 'R' Us entering used game market
January 8, 2009 1:16 PM PST

Patch for critical Windows vulnerability coming

by Elinor Mills
Updated January 9 to clarify that vulnerability is critical for some of the software and moderate for other Windows versions.

Microsoft will issue a patch on Tuesday for Windows vulnerability that could allow a hacker to gain control of a computer remotely, the company said in an alert on Thursday.

Microsoft also plans to host a Webcast at 11 a.m. PST as part of Patch Tuesday, which comes the second Tuesday of every month. There will be just one security update.

The vulnerability is considered critical for Windows 2000, Windows XP, Windows Server 2003, and moderate for Windows Vista and Windows Server 2008, Microsoft said.

The software maker will also release nonsecurity updates on Windows Update and Windows Server Update Services, as well as an updated version of the Microsoft Windows Malicious Software Removal Tool.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Vulnerabilities & attacks

Tags:

Microsoft,

security

Share:
Digg
Del.icio.us
Reddit
advertisement
Click here!
Recent posts from Security
Microsoft to fix holes in Windows, Office
Google privacy controls: Most people won't care
Zero-day flaw found in Web encryption
Mac Game: Art project or malware?
Corporate bank accounts targeted in online fraud
Hacker breaks into jailbroken iPhones, asks for $7
Malwarebytes accuses rival of software theft
Security firm M86 acquires Finjan
Related
Critical Windows 7 holes fixed in record Patch Tuesday
Microsoft to patch zero-day SMB, IIS holes
Firefox 3.5.4 closes security holes
Adobe fixes 28 holes in Reader and Acrobat
Microsoft to fix holes in Windows, Office
Podcast: Symantec researcher on biggest Patch Tuesday ever
EFF: TI calculator hackers didn't violate DMCA
Adobe exploit puts backdoor on computers
Add a Comment (Log in or register) (9 Comments)
  • prev
  • 1
  • next
by smilin:) January 8, 2009 1:40 PM PST
It's not listed as a critical vulnerability for Vista and 2008.
Reply to this comment
by sythara January 8, 2009 3:28 PM PST
What, no flaming fest from Apple people?
Reply to this comment
by Penguinisto January 8, 2009 4:50 PM PST
It is listed as a "moderate" vuln for Vista, and Windows 2008 (and for 32-bit and 64-bit variants when available).

OTOH, until the world gets to see what vuln is being patched by it, going by the rating alone is crap (because there have been viruses that have managed to get past mere "moderate" -rated vulnerabilities...)

/P
Reply to this comment
by Vegaman_Dan January 8, 2009 7:22 PM PST
I would agree with you. Going off about this vulnerability without any information would be irresponsible for anyone. I'm somewhat disappointed by the author on this one.

Still, it's good to see there will be more announcements from MSFT on this process. Should be interesting.
by Dalkorian January 9, 2009 12:02 PM PST
Oh-oh. I thought that if the three of us ever agreed on something that would be a sign of armageddon.

Group hug! The end is nigh!

;-)
by TotallyMadeUpName January 8, 2009 5:49 PM PST
Microsoft keeps claiming that Vista is more secure, but practically every "security update" that they issue is for both XP *and* Vista. If it was that much more secure, you'd think it would need significantly fewer security updates. :-(
Reply to this comment
by goodspeed8701 January 9, 2009 2:41 AM PST
Yes Vista is much more secured than xp.
by Seaspray0 January 9, 2009 6:44 AM PST
Could it be that the parts that are not being patched are more secure? Such as vista no longer allowing people to log in with admin permissions by default? User action is now required when something requires administrative permisions and yes, that IS more secure.
by 51057 January 10, 2009 10:46 PM PST
IS THIS BAD FOR XP WINDOW
IF SAW ARE MICROSOFT GOING TO FIX IT NOW 11/1/2009 NOT IN THE
YEAR ????/ THANKYOU
Reply to this comment
(9 Comments)
  • prev
  • 1
  • next

FAQ: Buying the right Windows 7 upgrade

Readers still have lots of questions on just which version of the software they need to buy in order to upgrade their PC. CNET News tries to offer some answers.

N.Y. lawsuit details Intel's 'largesse' toward Dell

Attorney General Andrew Cuomo's federal antitrust case filed Wednesday alleges a longstanding symbiotic relationship between Intel and Dell.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET