April 5, 2007 11:26 AM PDT

Patch Tuesday resumes with 'critical' Windows fix

Microsoft on Tuesday plans to release five security bulletins, four of which will address Windows flaws.

The bulletins, part of Microsoft's monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities, Microsoft said on its Web site Thursday.

Earlier this week, the company rushed out a "critical" patch for Windows that fixed seven flaws in the operating system, including one that is being used in cyberattacks.

At least one of the four additional security alerts for Windows will be tagged "critical," Microsoft's highest severity rating. Security issues tagged as critical typically could allow an attacker to gain full control of an affected system with very little, if any, action by the user.

In addition to the Windows fixes, Microsoft plans to offer a patch for its Content Management Server. The product, designed to let organizations manage Web content, has a "critical" vulnerability, Microsoft said.

Microsoft has no patches on tap for Office, despite three vulnerabilities in the software that have been disclosed but have not yet been patched, according to eEye Security's zero-day flaw tracker. There are also two zero-day bugs in Windows, according to eEye. In addition, eEye has reported five flaws to Microsoft that have yet to be patched.

Also on Tuesday, Microsoft plans to release an updated version of its Windows Malicious Software Removal Tool. The program detects and removes common malicious code placed on computers.

Last month, Microsoft did not release any security bulletins. Microsoft gave no further information on the upcoming alerts, other than to state that some of the fixes may require restarting the computer or server.

See more CNET content tagged:
Content Management Server, eEye Digital Security, flaw, fix, security


Join the conversation!
Add your comment
none for xp either
there will always be updates as long as there is software, but there will be fewer for Vista.
Posted by frankwick (413 comments )
Reply Link Flag
patch disables EPG in Arcsoft's TotalMedia
The recently released Microsoft security patch (KB925902) disables the EPG and digital TV programme recording functions in Arcsoft's TotalMedia 3.
Posted by jdr1111 (3 comments )
Reply Link Flag
Can we expect NO FLAWS this time around?
I always expect no flaws... but I always get disappointed again and again and again...

I hoped that Microsoft would learn, but after 25 years of being in the business... they've had more than enough time to learn.

Posted by wbenton (522 comments )
Reply Link Flag
It's amazing
You would think that the guru's at Microsoft would know the weaknesses of their operating system! It's as if they get an idea for an operating system, do some alpha tests to see how users will like it then release a technical beta as a released product. If Microsoft didn't monopolize the OS environment, they would be out of business.
Posted by coachgeorge (233 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.