bit-tech.net

Microsoft prepares 'Critical' Windows update

Microsoft prepares 'Critical' Windows update

The latest Patch Tuesday is only due to bring a single security patch - one which fixes an as-yet unpublicised bug in Windows.

The first Patch Tuesday of 2009 is due to land next week, and the good news is it's a fairly light load to start the year with – just a single security update.

According to Microsoft's advanced notification bulletin for the January 2009 security patch release cycle, there's just a single update due – something which will have sysadmins sighing with relief.

The not-so-good news is that the update is rated Critical by Microsoft's security team, and covers an as-yet unpublicised security vulnerability in all current versions of Windows. While no details are given for the vulnerability itself, it is known that the flaw can allow remote code execution when exploited – which accounts for its high importance rating.

The un-named flaw is rated Critical on Windows 2000 Service Pack 4, Windows XP Service Pack 2 and 3 plus the 64-bit editions thereof, and all editions of Windows Server 2003. The same bug is somewhat mitigated by in-built security enhancements in Windows Vista and Windows Server 2008, for which it only merits a Moderate tag – which usually means that code execution is prevented on these operating systems, or that exploitation is made more unlikely by in-built protection systems. There's no word yet on whether the flaw also exists in Microsoft's Windows 7 next-generation operating system, the public beta of which is immanently due.

Whatever the flaw is – and we should be finding out on Tuesday – it's always good to see a security flaw fixed. While that's the only security update planned, the day will also bring the usual raft of non-security updates including the regular update for the Windows Malicious Software Removal Tool – Microsoft's package which detects and deletes the most common trojans and mass-mailing worms from infected systems automatically.

Pleased that this month's security patches are a light load, or are you worried that Microsoft might be getting complacent? Share your thoughts over in the forums.

3 Comments

Discuss in the forums Reply
proxess 9th January 2009, 16:07 Quote
Every time I bother to boot into Windows i end up having to restart. I guess next time's no exception.
Vigilante 9th January 2009, 16:58 Quote
Quote:
Originally Posted by proxess
Every time I bother to boot into Windows i end up having to restart. I guess next time's no exception.

Perhaps not booting to windows once a month would solve that issue.

As for the patch, I think it could mean one of two things;

1. Microsoft are only patching the really extreme vulnerabilities to focus on getting Windows 7 up to speed as soon as possible; or

2. This patch took a lot of time to test, perhaps patching things in the heart of windows that required a lot of testing to check compatibility.

Either way, at least it won't be a stressful patch Tuesday. One of the few days I get off work and I don't want to be finding new ways to waste my time trying to diagnose problems on my home PC.
Bluefan 10th January 2009, 21:40 Quote
Quote:
Originally Posted by Vigilante
...Perhaps not booting to windows once a month would solve that issue.....
Like in not even booting to windows once month but not at all?
That's what I doing regularly, and it's irritating when I want to shut down and have to wait and wait untill my laptop finally shuts down.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums