Author Topic: Microsoft issues critical Windows patches  (Read 1737 times)

Offline mccoffee

  • Administrator Nut
  • Certifiable Nut
  • *****
  • Posts: 3938
Microsoft issues critical Windows patches
« on: September 08, 2009, 07:15:50 pm »
September 8, 2009 10:24 AM PDT
Microsoft issues critical Windows patches
by Ina Fried Font size Print E-mail Share 24 comments Yahoo! BuzzMicrosoft on Tuesday issued five critical Windows-related updates as part of its monthly Patch Tuesday release.

While the issues affect different versions of Windows differently, Microsoft said none of the issues apply to the final version of Windows 7, which Microsoft wrapped up in July.

The five bulletins address eight vulnerabilities. According to Symantec Security Response research manager Ben Greenbaum, the two vulnerabilities most likely to be used by attackers involve the way Windows handles ASF and MP3 media files. "We've seen similar exploits in the past and all a user would have to do is visit a compromised Web site hosting one of these malicious files, which could be an MP3, WMA or WMV file, and they could become infected."

McAfee Avert Labs director Dave Marcus said that two of the flaws, in particular, relate to serious security vulnerabilities in the networking components of Window Vista, Windows Server 2008 and Windows Server 2003 that could allow for malicious software to spread from one PC to another.

"These vulnerabilities are the most likely to be exploited by malicious code and are two of the best worm candidates that we've seen since Conficker," Marcus said in a statement. "That said, all of today's security bulletins address vulnerabilities that could allow an attacker to take complete control of a vulnerable PC."

In addition, Microsoft said it is re-releasing a bulletin from last month to address an additional control found to be vulnerable to an issue with the Microsoft Active Template Library.