Patch race is on as Microsoft issues eight critical patches

Microsoft has issued eight patches for "critical" security holes in its Windows operating system and specific Windows...

Microsoft has issued eight patches for "critical" security holes in its Windows operating system and specific Windows applications.

Security experts said the extensiveness of the flaws and the time it will take businesses to patch machines means hackers are likely to take advantage of the publicised flaws.

Patches that Microsoft has deemed as "critical" cover:

  • Windows, Licensing Logging Service
  • Windows, Server Message Block
  • Windows, Exchange Server & Office, Object Linking and Embedding and Common Object Model
  • Windows, DHTML Editing Component ActiveX Control
  • Windows, Cumulative for Internet Explorer
  • Windows, Hyperlink Object Library
  • Office XP
  • Windows, Windows Media Player & MSN Messenger "PNG Processing"

Microsoft said all these security holes could allow a hacker to take complete control of a user’s machine if patches are not downloaded immediately.

Security company Websense said, "Due to the time that it takes to patch machines, and the potential to use a malicious website as an attack vector to exploit these vulnerabilities, we believe that web-based attacks will now start surfacing."

Other "important" or "moderately important" patches cover security openings in Microsoft (could allow an attacker to gain unauthorised access to parts of a website), Microsoft Sharepoint (could allow an attacker to modify web browser caches or perform cross-site scripting attacks), the Windows "Shared Resource Connection", and the Windows Shell Component.

The patches are available for download at:

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.