SEATTLE (Reuters) - Microsoft Corp. on Wednesday announced five new "critical" flaws in its software and provided patches to stop hackers accessing computers through a malicious program similar to the devastating Blaster worm.
The announcement, part of an initiative to notify computer users of patches on a more regular basis, applies to a wide range of Microsoft software.
Stephen Toulouse, a security program manager, urged companies and individuals using the products to apply the patches in order to correct flaws in the software.
The software, detailed on the Web site http://www.microsoft.com/security, includes Microsoft's Exchange e-mail server, Windows operating system, Windows Messenger service and multimedia software for Web browsers.
The flaws affect both businesses and individual users, Microsoft said, although the Messenger program, which was created for enterprises, won't affect most consumers.
"We're trying to move from patch development to patch deployment," Toulouse said, under a strategy to get customers to update Microsoft software more frequently.
The plan to improve the software patch system was announced by Chief Executive Steve Ballmer last week as part of Microsoft's ongoing Trustworthy Computing initiative. The initiative aims to make its software more secure and reliable and was launched in early 2002.
The world's largest software company said it recognized the difficulty the multiple patches posed for companies, and set out to make it easier for them to apply the updates.
Critics of the company say the key to better security is to design better software, something that Microsoft said it is doing as part of its trustworthy initiative.
John Parker, a senior product manager at security company Network Associates Inc., said the number of patches was not out of the ordinary, as Microsoft has announced an average of four or five critical patches a month so far this year.
"But they are very serious," said Parker, adding that a compromised computer could be used by attackers to run malicious programs and launch attacks on other computers.
Microsoft announced a total of seven software flaws and patches on Wednesday, of which five were given the company's most urgent security rating of "critical."
Welcome to Unexplained Mysteries! Please sign in or create an account to start posting and to access a host of extra features.
Microsoft Fixes Five 'Critical' Security Holes
No replies to this topic
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users