'Critical' Windows, Exchange fixes coming

As part of its monthly patching cycle, Microsoft plans on Tuesday to release three security bulletins with fixes for flaws in Windows and Exchange.

The Exchange e-mail server and at least one of the Windows alerts is deemed "critical," Microsoft's highest risk rating, the software maker said in a notice posted on its Web site on Thursday. Such flaws typically allow a full compromise of a vulnerable system without any, or minimal, user interaction.

Microsoft did not specify how many flaws the updates will tackle, or say which components of Windows and Exchange are being repaired. Security researchers over the past weeks have reported several unpatched flaws in Internet Explorer, the Web browser component of Windows.

Last month, Microsoft released five security bulletins. People have reported trouble with three of them, forcing Microsoft to reissue one amended patch in the middle of its monthly cycle.

On Tuesday, Microsoft also plans to release an updated version of the Windows Malicious Software Removal Tool. The software detects and removes common malicious code placed on computers.

The company gave no further information on the upcoming bulletins, other than stating that the fixes may require restarting the computer or server.

The Redmond, Wash., software maker offers advance notification about patches so people can get ready to install the updates.

Microsoft said it will host a Webcast about the new fixes on Wednesday at 11 a.m. PT.

[J_Satch]

Woohoo, patch Tuesday...

...Mardi Gras can't be far behind!

[rcrusoe]

I prefer to wait

Ever since the bad old days of NT4 SP2, which came to be known
as the unibomber patch due to all the servers it blew up, I always
waited week or two before installing any MS patch.

There's not been another patch that bad, but these days waiting
allows you to install the version 2 patch that fix the bugs in the
version 1 patch.

[DryHeatDave]

It's bad news

It's bad news that a patch is needed. but don't forget the days before online updates :-)

[DryHeatDave]

By way of contract

A couple of years ago (in what have been my last ever COBOL coding work - I now design integration solutions), I was working on a COBOL program - I was doing the 107th change in 11 years. OK some were upgrades, rather than fixes. But mainframe code is generally pretty stable. The problem with that code - there was money to fix it, but not rewrite it, the way it needed to be written.

I believe THAT is the problem with much M$ code - it needs junking & replacing - not fixing until it's all patches. When the concept is flawed, it'll not be redeemable with fixes.

[Pop4]

Seem to me the value of application software is MCP's business model

I have used my share of "F"Key systems to float the highlighter in a custom 'COBOL' for end user rigging; those were the days before all your 'PASCAL" worm works 'Davi'.cantgetajob.net "

[Andrew J Glina]

Age

Windows is not as old as you seem to think. The core of many OSes, including MacOS X, are older.