http://news.com.com/Windows%2C+Office+to+get+critical+fixes/2100-1002_3-6147276.html By Joris Evers Staff Writer, CNET News.com January 4, 2007 As part of its monthly patch cycle, Microsoft plans to release on Tuesday eight security bulletins to plug holes in its software products. The most serious problems are in the Windows operating system and Office productivity suite, Microsoft said in a heads-up on its Web site Thursday. Each of those two product families will get three security bulletins, some of which will be tagged as "critical," Microsoft's highest risk rating. In addition, Microsoft in its advance notification separates out two more security bulletins, one for Windows and Visual Studio and one for Windows and Office. These will be rated "important," a notch lower on the the company's risk ranking. Microsoft did not specify how many flaws Tuesday's updates will address or which components of its products will be fixed. eEye Digital Security on its Zero-Day Tracker Web site lists a total of eight zero-day vulnerabilities that Microsoft still has to address, with four each in Office and Windows. Also on Tuesday, Microsoft plans to release an updated version of its Windows Malicious Software Removal Tool. The program detects and removes common malicious code placed on computers. Last month, the software maker delivered seven security bulletins, three of which were deemed critical. Critical vulnerabilities typically can allow a worm to spread or allow a Windows system to be fully compromised with minor or no interaction from the person using it. Microsoft gave no further information on the upcoming bulletins, other than stating that some of the fixes may require restarting the computer or server. _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Thu Jan 04 2007 - 22:57:55 PST