Microsoft to hit six flaws on Patch Tuesday

News

Microsoft to hit six flaws on Patch Tuesday

Tash Shifrin

Microsoft is to release six security alerts with updates to tackle flaws in its Windows operating system on Tuesday. At least one of the patches will fix a “critical” flaw.

The advance notice of Microsoft’s security patches follows an announcement at the end of last month by security firm eEye Digital Security that a security vulnerability had been found in the Remote Desktop Services portion of the Windows 2000, XP and Server 2003 operating systems.

The security firm said: “This high-risk security vulnerability could potentially allow an attacker to send a specially crafted Remote Desktop Protocol request to an affected system, which would result in a denial of service.”

It described the security issue as “a dramatic threat to business continuity”, adding that it could provide protection against the vulnerability “in lieu of a software patch from Microsoft”.

eEye did not detail the nature of the flaw, but moved to dampen press speculation about the scale of the threat it posed. “Some known security experts were quoted saying that there is a high likelihood that this vulnerability can be exploited to run arbitrary code on the target systems. This is completely false,” an eEye security alert said.

The potential result of successful exploitation was “nothing more severe” than denial of service, it added. The flaw could not be exploited in a worm attack.

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy