October 5, 2006 2:57 PM PDT

Microsoft to patch critical Windows, Office flaws

Related Stories

Microsoft rushes out 'critical' fix

September 26, 2006

Microsoft mulls early IE patch release

September 25, 2006

No fix yet for Word 2000 flaw

September 12, 2006
Microsoft plans to issue nearly a dozen security patches on Tuesday, including critical fixes for Windows and Office.

The company will release six updates for the operating system and four for the office suite, according an advance notice sent out Thursday by the software giant. Some of the patches will be deemed "critical," the company's highest severity rating. The company also plans to send out a security bulletin for Microsoft .Net that will be tagged moderate, it said.

The updates, part of Microsoft's regularly scheduled monthly patch cycle, come after sample attack code has surfaced for vulnerabilities in the Windows Shell component of the operating system. Those flaws could enable attackers to use a Web site to load malicious software onto systems.

The past few weeks have seen the arrival of third-party patches for the Windows Shell problem. The Zeroday Emergency Response Team, or ZERT, delivered its own fix, aiming to help people protect their PCs until Microsoft issued an official update. In addition, security company Determina provided an outside patch for the same issue.

Microsoft has said it will provide a patch for the Windows Shell vulnerability in its October bunch of bulletins. It is expected to announce more details regarding the flaws once the patches are released next week.

In September, the company delivered a critical fix for Office, one of three security bulletins in that monthly patch cycle.

See more CNET content tagged:
flaw, patch management, fix, Microsoft Corp., security


Join the conversation!
Add your comment
Must be a slow news day. Should I panic??? Oh that's right, no
need to worry, I run OS X!!!
Posted by robot999 (109 comments )
Reply Link Flag
Exploit released for Mac OS X flaw
<a class="jive-link-external" href="http://news.cbsi.com/Exploit+released+for+Mac+OS+X+flaw/2100-1002_3-6122015.html?tag=nefd.pulse" target="_newWindow">http://news.cbsi.com/Exploit+released+for+Mac+OS+X+flaw/2100-1002_3-6122015.html?tag=nefd.pulse</a>
Posted by poster48150 (167 comments )
Link Flag
Just another MS-MEGA-PATCH...
Same-old... Same-old... Nothing new to see here.

But, heres a few pieces of personal-advice from someone who has used Microsoft-products for decades, and genuinely wishes that Microsoft really WOULD turn themselves around, and become worthy of respect...


1. Turn off "automatic updates"... (Put your system behind a "router", ...turn off ALL unnecessary "XP-services", ...and use some third-party security-Apps)...

So, that you can...

2. Wait about a week before deploying any new "Microsoft updates"... to find out just how many problems the "updates" may actually cause... And, how many "updates" to the "updates" will finally be issued...

Or... if youve actually been tricked, by Microsoft, into believing that not allowing Microsoft to tinker endlessly with your "Windows" system, on THEIR time-table, for THEIR ends, actually increases your "security risks"...

Then, for the love of God, why dont you..?

3. Finally decide, like so many others are, to abandon the sinking-ship that is Microsoft (Think "Titanic"... the biggest... unsinkable... went down, due to arrogance and stupidity, shortly after launch), ...and try to find a safer, more stable, ALTERNATIVE to the PRIMARY-CONTRIBUTOR to the VAST MAJORITY of ALL of the MAJOR "security events" in the last decade.

Try "Linux", "Apple", "BSD", etc...

Or... You can just stubbornly... keep believing that maybe, just maybe, the next MS-OS really will fix all the problems created specifically by Microsofts perennially-bad approach to software-development. Or, maybe the MS-OS after that... Or, maybe, the one after that... Or... Oh well...

...Of course, that would presuppose that both Microsoft, and your important-data, will survive long enough...
Posted by Had_to_be_said (384 comments )
Reply Link Flag
The Sky is falling
How about not slapping out the same old stuff and coming up with something new?

Be original. Be useful. Stop screaming the sky is falling and DO something about it.

Whining. Complaining. Moaning. Is any of this useful? Nope, not in the slightest. Are you willing to do anything about it? Oh no, that might interfere with your ability to complain.

If you would like, it might save time if you just write up your hate-speech and make it a simple macro. Leave the subject and name blank and you can fill them in for anything you care to post about because the story never changes, you never change, and you're not going to do anything about it.

I believe Mac, Linux, Ubuntu, Irix, and even Windows have various macro applications that could work for you. Heck, you could even just use a bot to do automatic postings. How's that for saving time?
Posted by Vegaman_Dan (6683 comments )
Link Flag
MS-Patch #?????
I cannot help but think, if a car company or nearly any other company produced a product that was so consistently flawed with bugs, they would not last very long.
Maybe instead of changing its products all the time, Microsoft should focus on putting out a solid product.

Hey Bill, most of the people I work with and support only need a good solid word processing program. They hate it when there computer tries to out think them by filling in words for them, and they really hate it when you change things so that they work differently than what they are comfortable with.
Just in case you really wanted to know,
thanks bill.
Posted by maribethia (3 comments )
Reply Link Flag
Thank you for being reasonable
I have to believe a huge company like Microsoft is aware of the end user's desire for applications like you requested. They are going for the widest appeal though, and niche markets like the one you are talking about for word processing without features may not be their area of focus. There are plenty of alternative word processing applications out there that can do what you are asking for though, so I would check into those options.

Apple has some pretty good applications available for their platform as well, so it may be worth looking at the Mac as a possibility.
Posted by Vegaman_Dan (6683 comments )
Link Flag
I prefer to wait
until MS releases the patched versions of these patches.

IMO, the old saying "it takes MS three tries to get anything right" appears to be true about patches as well as applications.
Posted by rcrusoe (1305 comments )
Reply Link Flag
Good advice
In a business environment, a failed patch can cause all sorts of issues. I know that MS creates and tests the patches they make on their own employees for a week or two to see if they affect other areas of the OS or applications. That happens before they go public, but there's always going to be some unexpected issue or incompatibility someplace. And sometimes the problem may be urgent enough to push out a patch immediately or risk even greater threat of compromise by waiting.

You're damned if you patch, damned if you wait.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Reap what you sew!!!
A dollar short and too many days late.

Posted by wbenton (522 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.