Tune XP - tune-up, tweak and optimize your Windows XP!
  
  
    Home   Products   Download   Purchase   News   Tips and Tweaks   FAQs
OOKO Search
Smart search for shareware and freeware
Backup
Completely protect yourself from fatal system failure
Security and Privacy
Enhance your security and protect your privacy
PC Monitoring
PC monitoring and surveillance software
Disk Management
Tune-up, tweak, optimize, fix problems on your hard disk
Password Recovery
Recover forgotten or lost passwords
System Tweaking
Tune-up, tweak and optimize your Windows system

Microsoft releases fixes for seven 'critical' vulnerabilities
Microsoft Corp.'s monthly patch release cycle may be making it more predictable for users to deploy software updates, but there appears to be little letup in the number of holes being discovered in the company's software.

Microsoft's security updates for October, which were released today, detailed fixes for seven "critical" vulnerabilities and three "important" ones across a wide range of Windows software. In total, today’s patches address 20 different vulnerabilities.

A successful exploit of the most severe of these vulnerabilities could allow an attacker to take complete control of an affected system and remotely execute malicious code, Microsoft said.

All of the critical updates, except for one, are already included in the company's recently released Windows XP Service Pack 2. The sole critical update that applies to users already running XP SP2 is a cumulative fix for Internet Explorer detailed in MS04-038 that addresses a wide range of new flaws in the browser program.

Among the critical updates issued today are the following:

  • MS04-032: Details fixes for several vulnerabilities in Windows NT, XP and Server 2003. The flaws could allow attackers to take complete control of a system and to view, change or delete data on compromised systems.

  • MS04-033: A remote code execution vulnerability in Microsoft Excel that affects users of Microsoft Excel 2000, Microsoft Excel 2002 and Microsoft Excel 2001.

  • MS04-34: Details a critical vulnerability in the way Windows processes compressed files.

Other updates released today include one for a critical vulnerability in the Windows SMTP and Exchange Server Routing Engine (MS04-35) and a remote code execution flaw in Windows Shell (MS04-037).

The latest updates continue Microsoft's tendency to combine fixes for multiple problems in a single large patch, said Russ Cooper, an analyst at Herndon, Va.-based TruSecure Corp.

"They should get used to the idea of being snowed under on 'patch Tuesday,' " Cooper said. "They also obviously need to get used to the idea that combined fixes make testing more difficult," he added. Some of the fixes being announced today are also for problems that were discovered several months ago, he noted.

Stephen Toulouse, security program manager at Microsoft's Security Response Center, said the company has been releasing combined fixes in response to user demands.

Whenever multiple flaws exist in the same file, an effort is made to combine the fixes into one update rather than release multiple updates, he said.

"We have heard very clearly from customers that when there is an opportunity to have just one update, that's what they want," Toulouse said.

Go back Go Back

Source: Computerworld.com

Tune XP CD-ROM
Give your computer a chance to show all of its potential with this new Tune XP collection of Windows XP tips and software, which will help you manage, secure, backup and tweak your system for good. This package will bulletproof your computer from many potential disasters and teach you more about your PC.

Learn more
Order TuneXP CD

What's Hot

Acronis DriveCleanser
Acronis PartitionExpert 2003
Ashampoo WinOptimizer Suite
Handy Backup
iOpus Password Recovery XP
SpyAgent
SpyBuddy
     Privacy Policy  |   Contact Us  |   Add to Favorites
     Copyright © 2003 Softpile Software