Microsoft Releases Four Updates, Patches Eight Vulnerabilities

On September 9, 2008, Microsoft issued four security patches to fix eight security flaws in its Windows operating software as well as other software affecting all Windows computer users worldwide. The vulnerabilities for which the patches have been developed received Microsoft's most "critical" rating, implying that an attacker could exploit them to invade Windows computers without any users' interaction.

Security specialists state that the patch, which is most urgent and important, fixes five flaws in the Windows GDI (Graphics Device Interface), a Windows component that aids in rendering some specific types of pictures. Hackers could exploit these vulnerabilities to compromise Windows computers simply by tricking users into visiting a hacked site in Internet Explorer. The flaws, according to the experts, affect all supported editions of Windows Server 2003; Windows XP; Windows Server 2008 and Windows Vista as well as several OS components.

Tom Stracener, Senior Security Analyst, Cenzic, says that the patch is critical from the standpoint of a client. By simply browsing the Web, the flaw could attack a Windows computer, making it extremely serious, as reported by ChannelWeb on September 9, 2008.

Senior Research Manager at Symantec Security Response, Ben Greenbaum, says that users' systems could download malware and become infected if they browse a malware-laden Website, which allows uploading of images. He further said that it was important that organizations examined their third-party software to make sure that those were up-to-date with the patch, as reported by SCMagazine on September 9, 2008.

Commenting on the security flaws, Greenbaum added that a minimum of one flaw resembled one found earlier, so hackers could use an earlier code or apply knowledge obtained from earlier attacks to create a new harmful code.

Meanwhile, Microsoft has also fixed vulnerability in Office 2003, Office XP, Office OneNote2007 and Office 2007. Usually, when Microsoft issues Office updates, they are highly dangerous for Office 2000 users, but in the current round, the flaw doesn't seem to influence that version.

Finally, the last two critical patches plug security holes in Windows Media Encoder and Windows Media Player.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 20-09-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial