Microsoft releases bumper patches

Microsoft releases bumper patches

Microsoft has warned PC users to update their systems with the latest security fixes for flaws in Windows programs. In its monthly security bulletin, it flagged up eight “critical” security holes which could leave PCs open to attack if left unpatched. The number of holes considered “critical” is more than usual. They affect Windows programs, including Internet Explorer (IE), media player and instant messaging. Four other important fixes were also released. These were considered to be less critical, however. If not updated, either automatically or manually, PC users running the programs could be vulnerable to viruses or other malicious attacks designed to exploit the holes. Many of the flaws could be used by virus writers to take over computers remotely, install programs, change, and delete or see data. One of the critical patches Microsoft has made available is an important one that fixes some IE flaws. Stephen Toulouse, a Microsoft security manager, said the flaws were known about, and although the firm had not seen any attacks exploiting the flaw, he did not rule them out. Often, when a critical flaw is announced, spates of viruses follow because home users and businesses leave the flaw unpatched. A further patch fixes a hole in Media Player, Windows Messenger and MSN Messenger which an attacker could use to take control of unprotected machines through .png files. Microsoft announces any vulnerabilities in its software every month. The most important ones are those which are classed as “critical”. Its latest releases came the week that the company announced it was to buy security software maker Sybari Software as part of Microsoft’s plans to make its own security programs.