Windows Patch Due Next Week: All 'Critical,' Few Details

Dennis Faas's picture

Here's the good and bad news on the upcoming Microsoft's monthly Windows Update: the good news is that Microsoft only has five security problems to fix. The bad news is that they are all marked critical.

Patch is Due Next Tuesday, but Few Details

In an unusual move, the company isn't releasing any details about the problems which are being fixed in the next Patch Tuesday update, scheduled for release next week. It's possible the firm doesn't want to tip off hackers who might try to exploit the problems before the fixes are released, but it's unusual that Microsoft wouldn't at least outline the general problems.

What is known is that all five problems are rated critical, the highest level of alarm. All five affect both the client versions of Windows (in other words the standard desktop editions) and server versions, with four affecting both Vista and Server 2008.

Patch Installation A Must

Installing the fixes should be a major priority for both home and business users if they aren't already using the Automatic Update Service.

There's speculation that the problems may involve security flaws associated with the Active Template Library. That's a system used by both Microsoft and independent developers to make Windows software programs, which increases the potential for exploitation by hackers. (Source: computerworld.com)

Website Servers At Risk

It's not known if the update will include a fix for a problem Microsoft announced this week with Internet Information Services, a set of tools used by almost a third of websites. If a hacker who was able to trick the system into creating a particularly long directory name, he would be able gain control over parts of the system and execute arbitrary code. (Source: technet.com)

MS Cracks Down on Update Discs

Microsoft was also recently criticized by security writer at a major computing magazine for refusing to distribute security updates via CDs to help people still on dial-up connections. Larry Seltzer reports that not only is Microsoft insisting on sticking to an Internet-only update system, but that it has also cracked down on an independent firm which was offering CDs with all the previous updates for Windows XP. (Source: pcmag.com)

Rate this article: 
No votes yet