MoneyWednesday, August 15, 2007 11:48 PM CDT

Comments (5) |

E-mail this page |

Print this page |

Enlarge type |

Reduce type |

Search archives |

RSS feeds |

Add to My Yahoo!

Microsoft issues 9 security patches, including 6 'critical'

By JESSICA MINTZ
AP Technology Writer

SEATTLE -- Microsoft Corp. issued fixes for nine security flaws, including four meant to keep hackers from breaking into computers through Web pages, during a regularly scheduled update Tuesday.

Microsoft gave the four Web browsing-related patches its most severe "critical" rating. The updates affect many versions of Windows, Server and Office software -- including Windows XP and Windows Vista -- and are meant to prevent hackers from breaking into Web surfers' computers using specially crafted Web pages.

The other two critical updates target holes in the Excel spreadsheet program and in technology that lets users see downloaded images from e-mails or social networking Web sites.

Microsoft assigned the second-highest "important" rating to three security updates.

Although the software maker has said Windows Vista, which became available to consumers in January, is its most secure operating system ever, one of the important patches Tuesday fixes a hole in "gadgets" -- small software applications -- that deliver Really Simple Syndication, or RSS, feeds to the desktop.

Users who subscribe to a malicious RSS feed, add a malicious contact file or click on a malicious weather link could open the door for an attacker to run code on their systems, according to Microsoft's security bulletin.

The other important patches plug holes in Windows Media Player and in programs that let users run more than one "virtual" computer from inside a single hardware setup.

Amol Sarwate, manager of the vulnerability research lab run by security company Qualys Inc., said hackers are increasingly looking to the Web for ways to attack regular users' computers.

"What we have today is the new frontier of Web-based attacks with image files, media player skins, gadgets" and other entry points, Sarwate said.

Sarwate said information technology staff at big companies have grown more savvy about security measures when running server applications. So instead, Sarwate said, attackers are looking to capitalize on average computer users' ignorance about security to break in and install programs that can steal passwords and credit card numbers.

Windows users can visit Microsoft's security Web site to get the updates, or configure their computers to automatically update each month.

On the Net: http://www.microsoft.com/security

E-mail this story | Print this story | Search archives | RSS

Show comments | Hide comments | Hide comments on all stories

Subscribe to the Pantagraph

Contact the Pantagraph staff

Home page | Previous page | Top

Ads by Yahoo!

Free Business Grants Kit

Get $50,000 in Free Business Grants. Request Your Free Kit Today.
www.thousanddollarprofits.com

Business Plan Writing and Development

Business plan writing since 1979. BBB Accredited.
BPlanning.com

Business Plan and Incorporation

Business Plan writing and business development/incorporation made easy.
www.c2consultingonline.com

Video

Most commented stories

Top 10 from the past 14 days

Community calendar

Browse online archives

Recent issues:

Reader comments on this story - 5 total

Note: All views and opinions expressed in reader comments are solely those of the individual submitting the comment, and not those of the Pantagraph or its staff.

Waffle of Justice wrote on Aug 15, 2007 11:14 PM:

" Microsoft released 9 this month, Apple released 46 patches, variety's of Linux release patches daily, or go unpatched until you re-write the source code. Operating systems are not the only target, any 3rd party software on your system has probably had a exploit written for it. "

Shocked wrote on Aug 15, 2007 3:23 PM:

" Wow, frankly I'm shocked nobody has said "Well, I don't have any of those problems, because I have a Mac." I'm sure somebody will respond soon with that anwser. "

Get a Clue wrote on Aug 15, 2007 3:15 PM:

" Who wants to write viruses to shut down Macs? So you shut down 100 computers nationwide, big deal. People please learn about computers and understand there is not an operating system made that doesn't have vulnerabilities, nor the need for updates. And please quite embarrassing yourself bashing a product that has 95% of the market in support of a company that would not exist is it wasn’t for MP3 players and cell phones. "

UbuntuBrad wrote on Aug 15, 2007 11:26 AM:

" "Although the software maker has said Windows Vista, which became available to consumers in January, is its most secure operating system ever" That is the best quote ever ROLFLMAO. "

LittleMac wrote on Aug 15, 2007 10:09 AM:

" To one who truly understands these things, I'll bet with all the patches my computer's hard drive looks like a badly made quilt. The 'Mother Of All Badly Made Quilts' at that. "

Add your own comments

Please read the rules before posting comments.

You must be logged in to leave comments.
If you don't have a member ID, please register.

*Member ID:
*Password:
Remember login? (requires cookies)
	Forgot Your Password?

Customer Service | 301 W. Washington St., PO Box 2907, Bloomington, IL 61701-2907 | Ph. 309-829-9000 | 800-747-7323