May 4, 2006 12:20 PM PDT

'Critical' Windows, Exchange fixes coming

As part of its monthly patching cycle, Microsoft plans on Tuesday to release three security bulletins with fixes for flaws in Windows and Exchange.

The Exchange e-mail server and at least one of the Windows alerts is deemed "critical," Microsoft's highest risk rating, the software maker said in a notice posted on its Web site on Thursday. Such flaws typically allow a full compromise of a vulnerable system without any, or minimal, user interaction.

Microsoft did not specify how many flaws the updates will tackle, or say which components of Windows and Exchange are being repaired. Security researchers over the past weeks have reported several unpatched flaws in Internet Explorer, the Web browser component of Windows.

Last month, Microsoft released five security bulletins. People have reported trouble with three of them, forcing Microsoft to reissue one amended patch in the middle of its monthly cycle.

On Tuesday, Microsoft also plans to release an updated version of the Windows Malicious Software Removal Tool. The software detects and removes common malicious code placed on computers.

The company gave no further information on the upcoming bulletins, other than stating that the fixes may require restarting the computer or server.

The Redmond, Wash., software maker offers advance notification about patches so people can get ready to install the updates.

Microsoft said it will host a Webcast about the new fixes on Wednesday at 11 a.m. PT.

See more CNET content tagged:
e-mail server, flaw, software company, patch management, fix


Join the conversation!
Add your comment
Woohoo, patch Tuesday...
...Mardi Gras can't be far behind!
Posted by J_Satch (571 comments )
Reply Link Flag
I prefer to wait
Ever since the bad old days of NT4 SP2, which came to be known
as the unibomber patch due to all the servers it blew up, I always
waited week or two before installing any MS patch.

There's not been another patch that bad, but these days waiting
allows you to install the version 2 patch that fix the bugs in the
version 1 patch.
Posted by rcrusoe (1305 comments )
Link Flag
It's bad news
It's bad news that a patch is needed. but don't forget the days before online updates :-)
Posted by DryHeatDave (79 comments )
Reply Link Flag
By way of contract
A couple of years ago (in what have been my last ever COBOL coding work - I now design integration solutions), I was working on a COBOL program - I was doing the 107th change in 11 years. OK some were upgrades, rather than fixes. But mainframe code is generally pretty stable. The problem with that code - there was money to fix it, but not rewrite it, the way it needed to be written.

I believe THAT is the problem with much M$ code - it needs junking & replacing - not fixing until it's all patches. When the concept is flawed, it'll not be redeemable with fixes.
Posted by DryHeatDave (79 comments )
Reply Link Flag
Seem to me the value of application software is MCP's business model
I have used my share of "F"Key systems to float the highlighter in a custom 'COBOL' for end user rigging; those were the days before all your 'PASCAL" worm works 'Davi' "
Posted by Pop4 (88 comments )
Link Flag
Windows is not as old as you seem to think. The core of many OSes, including MacOS X, are older.
Posted by Andrew J Glina (1673 comments )
Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.