Microsoft plugs up critical holes in Windows
Published: April 12, 2005, 12:09 PM PDT
By Ina Fried
Staff Writer, CNET News.com
Microsoft on Tuesday released a slew of security patches, five of them critical, as part of its monthly update.
The updates include "critical" fixes to Windows' TCP/IP networking (the standard behind the Internet and other networks), Internet Explorer, MSN Messenger, Office and Exchange. Three other Windows security holes are rated as "important." In each case, Microsoft said the flaws, if exploited, could enable an attacker to take remote control of a vulnerable machine.
In addition to those patches, Microsoft is releasing two high-priority upgrades unrelated to security. One is for the Windows Installer and the other is for the Background Intelligent Transfer Service, which Microsoft uses to allow piecemeal downloading of software updates.
The software maker said last week to expect the eight security patches as well as the other updates, but did not offer details.
In March, the company took a break from its monthly routine of security releases and did not issue any patches. The prior month, Microsoft had a dozen fixes in its regularly scheduled release and later plugged a hole in the digital rights technology within Windows Media Player.
Microsoft also revamped its technology for removing malicious code, a sort of basic antivirus tool for cleaning up infections. The software now removes Hacker Defender, Mimail and Rbot, as well as new variants of the Berbew, Bropia Gaobot, MyDoom and Sober worms, the company said. |
