Microsoft Fixes Critical Security Holes

By David Worthington | Published April 12, 2005, 6:28 PM

Microsoft has delivered its monthly set of security bulletins that address vulnerabilities in its products. Out of a total of eight updates, five -- involving Windows, MSN Messenger, Microsoft Word and Exchange -- were deemed critical.

The remaining three patches were issued for Windows and classified as "important," Microsoft's second most severe designation.

The critical Windows fixes thwart potential exploits of Microsoft's TCP/IP implementation, as well as several flaws discovered in Internet Explorer. Each of the vulnerabilities, including the ones labeled with the "important" severity rating, permit malicious remote users to obtain complete control over un-patched machines.

Microsoft also issued several non-security updates that include Windows Installer version 3.1, a new release of Background Intelligent Transfer Service (BITS), along with a refresh its Malicious Software Removal Tool to help customers tackle new variants of the Berbew, Bropia Gaobot, MyDoom, and Sober worms.

When asked for comment, a Microsoft spokesperson told BetaNews that, "Home users should visit Windows Update and Office Update to receive the updates that apply to their systems. MSN Messenger 6.1 and 6.2 or users running the MSN Messenger 7.0 beta should upgrade to the latest version, MSN Messenger 7.0, to help be protected."

This month's round of patches follows a March hiatus when no security updates were released. Microsoft experienced its second highest volume of monthly bulletins in February, with a total of 12 patches.

Comments

some luser in out lan ignored directives and patched, bringing the rest of our network to a semi-crumbling halt.. it broke our internet access, and it took us a whole 2 hours to track down the problem... I hate it when people dont listen...

Score: 0

|

Just how does applying a patch bring your LAN to its knees? Perhaps the 'luser' resides on both sides of the Admin account?

Score: 0

|

mayhap you dont know that it's not all that wise to run two conflicting firewalls?

Score: 0

|

I believe you meant to post this on the SP2 thread, Mr. Luser.

Applying the hotfixes do NOT alter firewall settings in any way. I agree with the other poster that the problem lies on both ends of the table... the user for not following instructions and the admin for not considering these things in advance to take precautions.

Score: 0

|

I guess, I do not understand why the situation you have encountered is MS's fault. Seems to be in the way you have your systems setup.

Score: 0

|

Firewall problems indicate user/admin problem, not MS.

Score: 0

|

Anyone else getting an error when trying to get the updates?

The ERROR I am getting is:

Error number: 0x800A01CE

Thanks:
Scott

Score: 0

|

I've done half a dozen machines today without that error message, including ones still running SP0 and SP1 (yes, you can avoid SP2). Only issue I've noticed is with some downloads failing and having to restart.

Score: 0

|

The servers were pretty busy yesterday (they always are on Patch Tuesday)... clear Temp Files and try again. If you still do not succeed, check the FAQ's on the Windows Update page for more information on that error.

Score: 0

|

Why would you rush out and patch a SP0 or a SP1 box the day of the patch, but not upgrade to SP2 on the same boxes almost a year after it's release? If it's compatibility and critical apps you are worried about, why did you patch with day-0 releases?

crazy.

Score: 0

|

Not personally, but I heard someone is having that after applying the IE patch to an XP SP2 laptop system strangeley enough...

Score: 0

|

Silverlight 3 goes live on Microsoft's servers

Microsoft's answer to Adobe's Flash is (unofficially) here, with prospects of higher-speed, higher-resolution video and for the first time, 3D.

Three Android phones on the way from T-Mobile in 2009

T-Mobile's myTouch 3G, launched Wednesday, will be followed by two more Android phones later this year, but neither of them will be HTC's Hero.

Best Buy-brand TVs to get TiVo

A new alliance will place the retailer's own brand alongide the manufacturers, and could also lead to future partnerships on services.

LTE still lacks a voice

The 4G Wireless standard that Verizon hopes to show off before this year is out is still at a loss for (spoken) words.

Data sharing among online advertisers: Is sanity in sight?

Lockdown with Angela Gunn In the middle of a 15-page plea not to get regulated, a spark of smart thinking.

T-Mobile's strategy to combat Apple's iPhone with Android

With a trio of Android phones now in the pipeline for 2009, T-Mobile hopes to break the iPhone's emerging stranglehold.

EC's Reding: Government should act as broker for media downloads

If Internet media services don't step up and build an attractive way for users to start paying for downloads, a commissioner says, government may do the job instead.

Sony TVs get Netflix, still no PS3

Though it's coming in behind LG, Samsung, and Microsoft, Sony will begin to offer Netflix streaming, too.

Google Chrome OS: Too little, too early

Carmi Levy: Wide Angle Zoom Don't start the revolution just yet, says Carmi, who isn't so certain Chrome OS will be the "Windows Killer."

GAO pen test brings the hammer down on federal rent-a-cops

But are the computers to blame for the contract-guard fiasco at FPS?

What's Next: Chrome OS will have at least some friends in high places

Also: South Korea takes another round of DDoS abuse, and Neelie Kroes and Steve Ballmer may shake hands before she exits stage left.

Report: Evidence of further creativity with Windows 7 upgrade prices

A ZDNet blogger did some serious digging for clues as to a reported price break on multiple Windows 7 Home Premium licenses, and may have found it.