Six Patches Coming on Patch Tuesday
By Ed Oswald | Published December 7, 2006, 3:45 PM
Microsoft will issue six security patches next Tuesday, of which at least two will have a rating of critical. Missing from this list is a patch for a recently discovered zero-day flaw in Word: no updates are scheduled for the Office suite.
All of the patches except one will fix various issues for the Windows operating system, with one of those being critical. The sixth will be a critical patch for users of Microsoft's Visual Studio programming application.
While Microsoft never discloses the nature of the patches in order to protect users, sometimes past disclosures of vulnerabilities can give clues to the company's moves. For example, the Visual Studio flaw may deal with an exploit first disclosed in early November.
That vulnerability apparently put users at a possible risk for remote code execution, say experts.
Left unpatched is a zero-day exploit for Word 2003 and earlier versions. Earlier this week, the US-CERT team from the Dept. of Homeland Security warned that a previous patch seemed to be ineffective against a "malformed string vulnerability" within those applications.
Microsoft said that it was working on correcting the new vulnerability, but apparently the new exploit had been disclosed late enough that the company was not able to issue a patch in time for next Tuesday. It would not be out of the ordinary, however, for the company to release an out-of-cycle patch.
In addition to the security update, Microsoft also plans to issue an updated version of the Microsoft Windows Malicious Software Removal Tool.
Besides the security updates, Patch Tuesday will be quite busy on the non-security patch front. Four high-priority updates will be released through Windows Update, with 10 coming through Microsoft Update, the company said in its monthly advisory.
Why is this news?
Score: 0
If there were no patches needed, THAT would be news!
Score: 0
no kidding
Score: 0
What else is new if it's from microsoft.
Score: 0
ZOIKS AGAIN!
have fun wondering if your safe...
Score: 0
Zoiks again, troll.
I use Windows, come get me smart guy.
Score: 0
Do Microsoft patches indicate that some one in the company is working...or that someone is NOT working? Hmmmmm.
Score: 0
Hopefully...someday...they release the patch for the high processor usage of svchost that many people have been suffering with lately.
Score: 0
As of 12/7/2005 there are 62 HotFixes/Updates -- not including the hog IE-7.x or MP11... How about a SP3? No one in their right mind is going to move to Vista until 2008 or SP10.
Score: 0
svchost is only a proxy. It doesn't consume that much on its own. The processes it spawns are what typically eat the CPU and RAM.
Score: 0
http://support.microsoft...px?scid=kb;en-us;914810
The Automatic Updates service may stop responding
http://support.microsoft...px?scid=kb;en-us;916089
FIX: When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods
Score: 0
Thanx...I know it can be resolved by disabling Microsoft Update and just using Windows Update.
Score: 0
How do you do that?
Score: 0
This is for "All Windows XP". You can narrow it down, though, to Home, Pro or whatever you like, then sort by popularity or release date.
http://www.microsoft.com...-4317-A1A9-0C56CD979D05
However, I prefer Autopatcher here:
http://www.autopatcher.com/downloads/
Score: 0