Microsoft warns of five critical vulnerabilities

 

Gallery

By Reuters

Posted on 15 Nov 2006 at 10:42

November's 'Patch Tuesday' saw Microsoft issue five Critical security patches to fix flaws in its software. The company warned that the vulnberabilities could allow attackers to take control of a user's computer.

Microsoft, whose Windows operating system runs on 90 percent of the world's computers, issued the patches as part of its monthly security bulletin. Advanced notifiation of the patches was provided last week.

Redmond defines a flaw as Critical when the vulnerability could allow a damaging Internet worm, for example, to replicate without the user doing anything to the machine.

The company said four of the patches fixed holes in its Windows operating system. Microsoft also issued another security update for Windows it rated at the lower threat level of Important.

These cricial threats included: the use of the Macromedia Flash Player from Adobe Could Allow Remote Code Execution, and a remote code execution vulnerability in the way that Microsoft Agent software handles specially crafted .ACF files (HTTP character file associated with Microsoft Agent).

The final Critical patch, as expected, targeted Microsoft's XML Core Services package.

The company has been working for more than three years to improve the security and reliability of its software as more and more malicious software targets weaknesses in Windows and other Microsoft software.

The latest patches (MS06-066 to MS06-071) can be downloaded at www.microsoft.com/security and more information can be found http://www.microsoft.com/technet/security/.