Patch Tuesday resumes with 'critical' Windows fix

Microsoft on Tuesday plans to release five security bulletins, four of which will address Windows flaws.

The bulletins, part of Microsoft's monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities, Microsoft said on its Web site Thursday.

Earlier this week, the company rushed out a "critical" patch for Windows that fixed seven flaws in the operating system, including one that is being used in cyberattacks.

At least one of the four additional security alerts for Windows will be tagged "critical," Microsoft's highest severity rating. Security issues tagged as critical typically could allow an attacker to gain full control of an affected system with very little, if any, action by the user.

In addition to the Windows fixes, Microsoft plans to offer a patch for its Content Management Server. The product, designed to let organizations manage Web content, has a "critical" vulnerability, Microsoft said.

Microsoft has no patches on tap for Office, despite three vulnerabilities in the software that have been disclosed but have not yet been patched, according to eEye Security's zero-day flaw tracker. There are also two zero-day bugs in Windows, according to eEye. In addition, eEye has reported five flaws to Microsoft that have yet to be patched.

Also on Tuesday, Microsoft plans to release an updated version of its Windows Malicious Software Removal Tool. The program detects and removes common malicious code placed on computers.

Last month, Microsoft did not release any security bulletins. Microsoft gave no further information on the upcoming alerts, other than to state that some of the fixes may require restarting the computer or server.

[n3td3v]

no security bulletins last time

this was because they (microsoft) wanted to protect their Vista honeymoon period, not because their software was secure that particular tuesday.

[frankwick]

none for xp either

there will always be updates as long as there is software, but there will be fewer for Vista.

[jdr1111]

patch disables EPG in Arcsoft's TotalMedia

The recently released Microsoft security patch (KB925902) disables the EPG and digital TV programme recording functions in Arcsoft's TotalMedia 3.

[wbenton]

Can we expect NO FLAWS this time around?

I always expect no flaws... but I always get disappointed again and again and again...

I hoped that Microsoft would learn, but after 25 years of being in the business... they've had more than enough time to learn.

FWIW

[coachgeorge]

It's amazing

You would think that the guru's at Microsoft would know the weaknesses of their operating system! It's as if they get an idea for an operating system, do some alpha tests to see how users will like it then release a technical beta as a released product. If Microsoft didn't monopolize the OS environment, they would be out of business.