Microsoft on Tuesday released a higher-than-usual number of monthly updates, more than half of which were given the software company's highest rating of critical.
The software giant announced a dozen updates, eight of which were given its highest severity rating. Microsoft's Office XP, Internet Explorer 6 and an image file component of the Windows operating system for Media Player and MSN Messenger were among the updates dubbed critical.
"This is their second-largest bulletin release since they started doing these monthly updates, except for the 24 bulletins they released last year," said Vincent Gullotto, vice-president of the antivirus emergency response team for security specialist McAfee. "But it's common to see this kind of ratio of critical bulletins."
Among the patches is a significant cumulative fix to resolve some of the underlying vulnerabilities of IE that have already been made public. Microsoft said those flaws have not yet been widely exploited.
"There is public exploit code out there for some of the IE vulnerabilities we are patching, but we have not heard of any widespread attacks," said Stephen Toulouse, a Microsoft security program manager.
The update for IE is designed to address vulnerabilities such as an attacker taking control of a system and installing programs; changing, deleting or viewing data; or creating new accounts with full user rights.
IE 6 with Service Pack 1 running on systems featuring Windows XP, with or without Service Pack 1, or Windows 2000 with Service Pack 4 or 3, are affected by this vulnerability.
The scheduled updates come as Microsoft announced plans to acquire security software developer Sybari Software and as it enters its fourth year of its Trustworthy Computing initiative to make its applications more reliable.
The latest flaws add to the many security headaches for businesses. One analyst urged consumers to automatically patch their systems to avoid such exploits but said that for businesses, it's not so easy.
"If I was John Doe consumer, I would have my auto-update turned on so it automatically installs the Microsoft updates," said Mark Nicolett, a Gartner analyst. "But for a corporation, it's not quite so simple. You have to do some level of quality control testing to make sure you're not affecting some of the applications you need to run for business."
Talkback
Hmm, it does this just after announcing the 'genuine advantage' verify your copy of windows compulsory test.
I smell a rat.
I smell it too.
Although quite frankly, I'm not suprised. I have lost count of the number of 'critcal' updates the users 'must' install to keep their systems 'safe' from attack... and only to the 'geniune' customers... of which the 'ungeniune' customers could be 'attacked', infected, and you get a surge in DDoS, Spam... everything bad.
WAKE UP /\/\/1cr050ft !!!!!
The amount of trouble this causes to Business and home users alike is unparallelled... we're stuck with a half-dead, gradually decaying horse of an OS that, despite the countless patches, seems to fall apart within a week. If only manufacturers gave Linux more hardware and software support...
I quite frankly don't care what verifications Bill Gates and Co put out there . My OS is legal and genuine. The old saying goes if you aint doing nothin wrong you got know sweat. Logic says if your legal why worry and if your running bootleg your busted period. Broom