Wednesday, 11 April 2007

Microsoft Warns of 'Critical' Security Holes

Microsoft has made known that there are four security vulnerabilities in its software that it categorised as 'critical'. These flaws of exploited could enable a fraudster to gain access into a user's computer and run malicious attacks.

Microsoft has released patches that fix three holes in its Windows operating system and another in its Content Management Server product. Microsoft also issued another security update for Windows it rated at the lower threat level of "important."

The company had just released a patch outside of the regular monthly update to fix a flaw related to an animated cursor that hackers had used to launch attacks after users clicked on links to malicious Web sites.

"Normally Microsoft releases security patches on the second Tuesday of the month. Clearly the danger that the ANI vulnerability represents has encouraged them to release a patch as quickly as possible, which is good news for vulnerable internet users," said Graham Cluley, senior technology consultant for Sophos. "The fact that a worm has been seen in-the-wild exploiting the Microsoft security bug has raised the stakes over the weekend. Proactive protection has ensured that Sophos customers are not at risk from this viral attack."