[ news_security_news ]
Windows Getting Critical Fix Next Week
David Utter
Staff Writer
2007-01-05
 Insider Reports RSS Feed
Only a few fixes have been planned for January's 'Patch Tuesday' from Microsoft, with Windows scheduled to receive an update to a critical issue.
Along with the Windows patch, a trio of Office updates have been announced ahead of the January 9th scheduled release.
At least one of the Office fixes will correct a Critical problem. Advisory firm Secunia has listed two Critical issues in Word that could permit remote code execution, as well as several other flaws of varying criticality.
A vulnerability in Internet Explorer 6 has been unpatched for 73 days as of this article. The eEye security firm said this flaw permits the execution of arbitrary code with minimal user interaction. And of course, there's always the RPC Memory Exhaustion issue in Windows 2000 SP 4, now 415 days old and still unpatched.
Microsoft probably enjoyed seeing the back of 2006 as the year came to an end. They were plagued by a series of zero-day exploits, and security professionals probably anticipate another one will appear after Patch Tuesday, just as many did last year.
The two issues with Word both arrived in this manner, only five days apart in December 2006. Both were disclosed too close to Microsoft's patch release for the month that they have remained open since that time.
---
Tag: Microsoft
Add to  Del.icio.us |  Digg |  Reddit |  Furl
Get all the updates - 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
