Microsoft to hit six flaws on Patch Tuesday


Microsoft to hit six flaws on Patch Tuesday

Tash Shifrin

Microsoft is to release six security alerts with updates to tackle flaws in its Windows operating system on Tuesday. At least one of the patches will fix a “critical” flaw.

The advance notice of Microsoft’s security patches follows an announcement at the end of last month by security firm eEye Digital Security that a security vulnerability had been found in the Remote Desktop Services portion of the Windows 2000, XP and Server 2003 operating systems.

The security firm said: “This high-risk security vulnerability could potentially allow an attacker to send a specially crafted Remote Desktop Protocol request to an affected system, which would result in a denial of service.”

It described the security issue as “a dramatic threat to business continuity”, adding that it could provide protection against the vulnerability “in lieu of a software patch from Microsoft”.

eEye did not detail the nature of the flaw, but moved to dampen press speculation about the scale of the threat it posed. “Some known security experts were quoted saying that there is a high likelihood that this vulnerability can be exploited to run arbitrary code on the target systems. This is completely false,” an eEye security alert said.

The potential result of successful exploitation was “nothing more severe” than denial of service, it added. The flaw could not be exploited in a worm attack.


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy