Microsoft Readies Windows, Other Security Fixes Dec 8, 2006
Microsoft plans to patch its Windows and Visual Studio products next week, but it does not have a fix in the works for a widely publicized flaw in Word , which hackers are reportedly exploiting in targeted attacks. The company's security team is readying five sets of patches for Windows, and will also issue a single critical security update for Visual Studio, Microsoft said in an alert published Thursday . How They Work Microsoft rates the most serious of its Windows updates as critical, meaning an attacker could exploit the underlying flaw to run malware on a victim's PC with no user action, the company said. Such security patches are usually released on the second Tuesday of each month. The company strives to publish a small number of updates in December, because IT operations are often short-staffed during the holiday season. On Tuesday, Microsoft warned of a vulnerability in its Word software that reportedly had been used in online attacks. Security researchers have rated this flaw as critical, because an attacker could exploit it to run malicious software on a victim's PC. For such an attack to work, however, the victim would first have to be tricked into opening a maliciously encoded Word file. The Word flaw is not scheduled to be patched next Tuesday, said a spokesperson for Microsoft's public relations firm. There is, however, one critical Visual Studio flaw that may be addressed in the updates. That bug is in Visual Studio 2005's WMI Object Broker ActiveX object. It was first reported in late October. http://www.pcworld.com/article/id,128113-pg,1/article.html Vikas Kapoor, MSN ID: [EMAIL PROTECTED] Yahoo ID: [EMAIL PROTECTED] Skype ID: dl_vikas Mobile: (+91) 9891098137. To unsubscribe send a message to [EMAIL PROTECTED] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
