On mySimon: LG Electronics 32LH40 32" LCD TV
BNET Business Network:
BNET
TechRepublic
ZDNet
52 TalkBacks

By Dawn Kawamoto
Posted on ZDNet News: Feb 8, 2005 11:07:00 PM

Microsoft on Tuesday released a higher-than-usual number of monthly updates, more than half of which were given the software company's highest rating of "critical."

The software giant announced a dozen updates, eight of which were given its highest severity rating. Microsoft's Office XP, Internet Explorer 6 and an image file component of the Windows operating system for Media Player and MSN Messenger were among the updates dubbed critical.

"This is their second-largest bulletin release since they started doing these monthly updates, except for the 24 bulletins they released last year," said Vincent Gullotto, vice president of the antivirus emergency response team for security specialist McAfee. "But it's common to see this kind of ratio of critical bulletins."

Among the patches is a significant cumulative fix to resolve some of the underlying vulnerabilities of IE that have already been made public. Microsoft said those flaws have not yet been widely exploited.

"There is public exploit code out there for some of the IE vulnerabilities we are patching, but we have not heard of any widespread attacks," said Stephen Toulouse, a Microsoft security program manager.

The update for IE is designed to address vulnerabilities such as an attacker taking control of a system and installing programs; changing, deleting or viewing data; or creating new accounts with full user rights.

IE 6 with Service Pack 1 running on systems featuring Windows XP, with or without Service Pack 1, or Windows 2000 with Service Pack 4 or 3, are affected by this vulnerability.

The scheduled updates come as Microsoft announced plans to acquire security software developer Sybari Software and as it enters its fourth year of its Trustworthy Computing initiative to make its applications more reliable.

The latest flaws add to the many security headaches for businesses. One analyst urged consumers to automatically patch their systems to avoid such exploits but said that for businesses, it's not so easy.

"If I was John Doe consumer, I would have my auto-update turned on so it automatically installs the Microsoft updates," said Mark Nicolett, a Gartner analyst. "But for a corporation, it's not quite so simple. You have to do some level of quality control testing to make sure you're not affecting some of the applications you need to run for business."

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 52 Talkback(s)
MS updates
I use Microsoft simply because using anything else is like buying a car that can only run on 40% of the roads. That does not mean, however, that I am an avid fan of the company or its products. These ... (Read the rest)
Posted by: paxian Posted on: 02/13/05 You are currently: a Guest | | Terms of Use
this comment disturbs me  Monkey_MCSE | 02/08/05
Easily misunderstood  NonZealot | 02/08/05
Actually I think the text...  ShadeTree | 02/09/05
I need comprehension?  Monkey_MCSE | 02/09/05
maybe a little strong with words prior  Monkey_MCSE | 02/09/05
The comprehension problem you had is...  ShadeTree | 02/09/05
well if thats the case  Monkey_MCSE | 02/09/05
Still your problem.  ShadeTree | 02/09/05
For those who care about the truth  NonZealot | 02/08/05
Not quite...  Yensi717 | 02/08/05
???  NonZealot | 02/08/05
The only FUD factory here is you  Chad_z | 02/08/05
Hehe  NonZealot | 02/08/05
I'll be waiting for your reply  Squawkbox | 02/08/05
lol  toadlife | 02/08/05
For those who care about the truth  AmusedAtItAll | 02/08/05
IE is part of the OS. IE is NOT a standalone browser  whisperycat | 02/09/05
Get real!  htotten | 02/09/05
Like it or not, IE vulnerabilities are OS vulnerabilities  whisperycat | 02/09/05
Explain to me then  htotten | 02/09/05
Try This Then Htotten  itanalyst | 02/09/05
Active X IS part of IE when it has to be "turned off" deliberately  whisperycat | 02/09/05
Ever feel like you are talking to a brick wall?  NonZealot | 02/09/05
Stop, stop, I can't take any more ...  whisperycat | 02/09/05
Active X isn't the problem  voska | 02/09/05
Might as well be, why else would you run Windows?  voska | 02/09/05
Mine's updated! happy  Grayson Peddie | 02/08/05
So's mine  AmusedAtItAll | 02/08/05
TC, i dunno if you meant to or not  Monkey_MCSE | 02/08/05
"Grayson T. Peddie" is my real name.  Grayson Peddie | 02/08/05
Re: "Grayson T. Peddie" is my real name.  ReFoRMaT | 02/10/05
Message has been deleted.  Jeff Spicoli | 02/09/05
Yeah, making fun of someone's name...  ShadeTree | 02/09/05
Agreed.  htotten | 02/09/05
The problem is you can't fix suck a FUBAR O/S !  realitycheck101 | 02/08/05
Glad they're ON THE JOB...  Feldwebel Wolfenstool | 02/09/05
Troll Alert! Message has been deleted  Roger Ramjet | 02/09/05
Ahuh, ahuh, ahuh....  BitTwiddler | 02/09/05
If you do a Thesarus search for"Wolfenstool"  Squawkbox | 02/09/05
Re: Glad they're ON THE JOB...  ReFoRMaT | 02/10/05
Don't Forget...2nd Tuesday of Every Month Is Microsoft Procurement Day!  itanalyst | 02/09/05
at least  rcark01 | 02/09/05
Silver lining  tic swayback | 02/09/05
only you  rcark01 | 02/09/05
Don't knock boingboing  tic swayback | 02/09/05
Patches affecting VPN Client?  wolvrne88 | 02/09/05
lmao...  ReFoRMaT | 02/09/05
Are you kidding me?  Delmont | 02/10/05
Re: Are you kidding me?  ReFoRMaT | 02/10/05
BTW Re: Are you kidding me?  ReFoRMaT | 02/10/05
Forget patches, let's talk about licenses...  KeJorn | 02/10/05
MS updates  paxian | 02/13/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and