Microsoft to add new security fixes

Microsoft is to introduce a series of security patches in its next scheduled ‘Patch Tuesday’ to fix flaws in Windows.

The updates will be released to address primarily critical issues with the Windows’s XML parser.

The XML update is likely to be interesting to security experts because hackers have already posted code showing how a flaw in the parser could be exploited to run unauthorised programs on a PC.

So far, however, Microsoft has given no indication how it plans to patch this or another recent bug, reported in its Visual Studio software. That bug, known as the WMI Object vulnerability, could also allow an attacker to run unauthorised code on a victim's computer.

Last month, Microsoft issued 10 updates, fixing 26 bugs in its Windows and Office software.

Some experts believe Microsoft may put a hold on fixing the XML and Visual Studio problems because of a lack of time, and a belief that both vulnerabilities have been unnecessarily hyped. If the threat is low, Microsoft may wait to release a patch it knows will work rather than rush out a solution that will then be sliced and diced by ‘experts’ to prove its utility.