Critical Windows Bug Fix on Patch Tuesday

NormCameron

Vista Guru
Patch for "Critical" bug fix on Patch Tuesday


"After being forced to rush out an emergency patch for its Internet Explorer browser last month, Microsoft plans to release just one security update in its first patch release of 2009. The update will be a critical fix for server and desktop versions of Windows, Microsoft said Thursday. It fixes at least one bug that could allow attackers to install unauthorized software on a victim's computer.
Microsoft did not say which bugs it would be fixing with next week's updates, but the company has several to choose from.
In the past month, Microsoft has warned of flaws in its WordPad Text Converter and SQL Server database software.
The researcher who disclosed the SQL Server flaw said recently that Microsoft has known about the issue since April, and had written a patch for it back in September.
One security researcher has also claimed that there is a bug in Microsoft's Windows Media Player, but Microsoft has disputed his findings.
But none of these flaws is in all versions of the underlying Windows operating system, which are being patched next week. According to nCircle Director of Security Operations Andrew Storms, Microsoft could be fixing a known Windows flaw that would allow hackers to gain unauthorized privileges on a computer. "An exploit has already been published for some time along with a whitepaper by the author," Storms said in an instant-message interview.
Microsoft has offered work-arounds for this flaw already, but it has now had enough time to prepare a full-blown security patch, Storms said.
However, the security researcher who found the flaw said he doesn't expect to see it patched next week. "I don't think they will patch my bug because it's rated critical (remote code execution) and my bug is about local elevation of privileges," said Cesar Cerrudo, chief executive of security research firm Argeniss, via instant message.
Local elevation of privilege flaws are not typically considered critical, although Storms said Microsoft may have discovered while fixing the problem that it was more severe than previously thought.
Microsoft's security updates will come nearly a month after the company scrambled to push out an emergency patch for Internet Explorer, after criminals began exploiting the flaw to install password-stealing software on victims' machines."




Microsoft to Kick Off 2009 with Single Security Fix - CSO Online - Security and Risk

Norm
 

My Computer

System One

  • Name
    Norm
    Manufacturer/Model
    Scratch Built
    CPU
    Intel Quad Core 6600
    Motherboard
    Asus P5B
    Memory
    4096 MB Xtreme-Dark 800mhz
    Graphics Card(s)
    Zotac Amp Edition 8800GT - 512MB DDR3, O/C 700mhz
    Monitor(s) Displays
    Samsung 206BW
    Screen Resolution
    1680 X 1024
    Hard Drives
    4 X Samsung 500GB 7200rpm Serial ATA-II HDD w. 16MB Cache .
    PSU
    550 w
    Case
    Thermaltake
    Cooling
    3 x octua NF-S12-1200 - 120mm 1200RPM Sound Optimised Fans
    Mouse
    Targus
    Keyboard
    Microsoft
    Internet Speed
    1500kbs
    Occupation
    Company Director
    Other Info
    Self built.
    Country Flag
    australia
    State/Region Flag
    au queensland

Joan Archer

Cross Stitch Queen
Vista Guru
Thanks Norm, I'd already seen the notice about this one, that's not to say there wont be more when the time comes, ;)
There will be the usual removal tool update as well I suppose and we'll see how many Office updates sneak in ;)
 

My Computer

System One

  • Name
    Joan Archer
    Operating System
    Windows 10 Home
    Manufacturer/Model
    HP Envy x360 Convertible 15-bq0xx
    CPU
    AMD A9 Stoney Ridge Technology
    Motherboard
    HP 8312 (Socket FP4)
    Memory
    8.00GB Dual-Channel Unknown (?-0-0-0)
    Graphics Card(s)
    Generic PnP Monitor ([email protected]) 512MB ATI AMD Radeon R5
    Sound Card
    AMD High Definition Audio Device Realtek High Definition Aud
    Monitor(s) Displays
    Generic PnP Monitor on AMD Radeon R5 Graphics
    Screen Resolution
    1920 x 1080
    Hard Drives
    119GB SanDisk SD8SN8U-128G-1006 (SSD)
    931GB Hitachi HGST HTS721010A9E630 (SATA
    Mouse
    Microsoft Optical Wheel Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    62.86Mbps down 18.19Mbps up
    Occupation
    Retired
    Other Info
    EPSON78D0CF (XP-332 335 Series) (Default Printer)
    Country Flag
    uk
    State/Region Flag
    uk wales
    Gender
    Female
Top