24 Oct 2008 UPDATE: Are you looking for today's patch? See: Microsoft issues critical out of cycle server security patch update for Windows
Microsoft is to issue a "critical" Windows patch today, but the lack of details has prompted speculation that a serious vulnerability is involved.
Andrew Kellett, Butler Group senior research analyst, said it is over a year since Microsoft last took such an unscheduled course of urgent corrective action.
"To rush out this type of out-of-band update, Microsoft must consider the issue to be very serious indeed and appear to have taken direct and appropriate action," he said.
News of the security update for Windows 2000, XP and Server 2003 was released late Wednesday, but few details were given.
Andrew Kellett said Microsoft appeared to be keeping quiet about the actual vulnerability.
Previously Microsoft has been criticised for not getting important patches out quickly enough.
"They have also left themselves open to secondary action from third-party patch providers and the potential problems to clients that taking such a risky alternative entails," Andrew Kellett said.