Stephen Withers
Friday, 09 November 2007 03:46
Microsoft has warned IT professionals that it will issue two security bulletins next Tuesday, one rated Critical and the other Important.
The Critical vulnerability permits remote code execution on Windows XP and Server 2003, and could therefore be the one in the SECDRV.SYS driver, which is part of Macrovision's SafeDisc copy-protection scheme but is included with Windows. The list of affected Windows versions provided in Microsoft's bulletin describing the SECDRV.SYS vulnerability matches that for next Tuesday's update.
According to the Symantec Security Response Team, that vulnerability allows an attacker to overwrite kernel memory and thereby bypass security restrictions, install a rootkit or carry out other nefarious activities. At least one exploit is known to be in the wild.
Macrovision has already released an updated driver. It is based on the Vista version, which is not affected by the flaw.
The second vulnerability only affects Windows Server 2003. Microsoft describes it only as a spoofing vulnerability.
Microsoft will also release an updated version of the Malicious Software Removal Tool, plus three high-priority, non-security updates apparently for products other than Windows itself.