August 17, 2006 4:34 PM PDT
Patch Tuesday comes for Vista, too
- Related Stories
Piecing together Windows VistaNovember 8, 2006
Worm duo tries to hijack Windows PCsAugust 14, 2006
Another hefty patch month for MicrosoftAugust 8, 2006
Allchin: Buy Vista for the securityJanuary 27, 2006
Windows Vista gets image flaw fixJanuary 17, 2006
Windows flaw spawns dozens of attacksJanuary 3, 2006
Vista, slated to be broadly available in January, is the first major Microsoft product to get security updates while it is still in beta, Microsoft employee Alex Heaton wrote on a corporate blog Tuesday.
"We are committed to release Windows Vista updates for all MSRC (Microsoft Security Response Center) critical class issues that may arise during the beta-testing period," wrote Heaton, who works on Vista security. The goal is to release the fixes as soon as possible, he said--but versions of Windows that have been commercially released, such as Windows XP, get priority.
Two of the seven "critical" Windows updates that Microsoft delivered on Aug. 8 affect Vista, Heaton wrote. These are MS06-042, for Internet Explorer, and MS06-051, which addresses a flaw in the Windows kernel.
Vista is not affected by the Windows flaw that is getting most of the attention among the Patch Tuesday bulletins. That flaw, MS06-040, affects file and printer sharing and has already been exploited in low-risk worm attacks.
Updates for the security issues that affect Vista have been sent out to Windows Update and are available in the Microsoft Download Center, according to the software maker.
These are not the first security fixes for Vista. In January, Microsoft released a security update to address the same image-rendering vulnerability found in earlier versions of the operating system. The patch fixed a flaw in the way the operating system's Graphics Rendering Engine processes Windows Meta File images. The WMF handling bug was being exploited in cyberattacks.
5 commentsJoin the conversation! Add your comment