Microsoft announced today that it plans to issue eight security patches that fix holes in its Windows operating system and Internet Explorer. The announcement came in advance of its monthly "Patch Tuesday" security release scheduled April 8.
Altogether, Microsoft is repairing five vulnerabilities deemed "critical" and three rated "important" in almost every version of its operating systems, including Windows Vista, Windows XP and Windows 2000, as well as Windows Server 2003 and Windows Server 2008, and Explorer.
The announcement was part of Microsoft's pre-patch notification, which was posted on the company's Web site today. Microsoft releases regularly scheduled patches on the second Tuesday of each month.
The five critical updates fix errors in Microsoft Office, Windows and Internet Explorer. All critical vulnerabilities can be exploited by remote code execution, which could allow an attacker to issue a denial of service attack or install malware to completely take over an affected system.
The three patches deemed important fix errors that enable hackers to "spoof" and gain unauthorized elevated privileges to different versions of Windows, as well as execute malicious code by exploiting an error found in Microsoft Office.
In particular, the upcoming security bundle addressed problems in the newest versions of Microsoft's operating system, including Windows Server 2008, released last month, and Windows Vista SP1, which became available two weeks ago.
Microsoft said in its advance notification bulletin that its Baseline Security Analyzer can detect whether a users' computer system would requre the update. In order to install the patch, users will need to restart their computers.
Security updates are available from the Microsoft Download Center, which can be found most easily after doing a keyword search for "security update," Microsoft said in its advisory.
The company also announced that it plans to host its April Security Bulletin Webcast April 9, at 11 a.m. Pacific Time.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
