Stan Beer
Saturday, 07 October 2006 16:20
Business IT -
Security
Microsoft Windows and Office have once again been exposed for the leaky vessels they are, with 10 patches to fix security flaws, including some rated as critical, to be issued by the software company on Patch Tuesday October 10.
Together with a not so serious flaw in the
.NET framework, Microsoft will issue 11 patches in all, including six
for Windows and four for the Office suite, including flaws in
PowerPoint and Word 2000.
The 11 new patches come on top of an out of cycle fix forced upon
Microsoft after it suffered a zero-day exploit of Internet Explorer's
VML (vector markup language). The exploit could cause users to lose
control of their computers simply by visiting a malicious website or
opening an HTML email and was considered so serious that Microsoft was
forced to break its monthly fix cycle.
Another vulnerability acknowledged by Microsoft, which is currently
being exploited, is in the Microsoft WebViewFolderIcon ActiveX control
used by the Windows Shell graphical user interface.
It is not known whether any of the flaws also affect Windows Vista, as has been the case previously.