Microsoft Corp. today released nine updates to fix security holes in its Windows operating system, including three patches that earned Redmond’s “critical” rating, meaning the company believes hackers could exploit them to take control over unpatched computers.

Among the critical patches is a bundle of fixes for Microsoft’s Internet Explorer Web browser, which mends at least four security holes in the browser that purveyors of spyware will no doubt take advantage of on unpatched Windows machines in the near future.

There is also a patch to fix a critical problem in DirectShow, the video playback software bundled as part of Microsoft’s DirectX graphics program. This flaw is present in every version of Windows going back to Windows 98.

The third critical patch fixes three separate security holes in the Microsoft “MSDTC and COM+ services.” Never mind what those stand for or what they do, just patch if you need to — the flaws are present in certain versions of Windows Server 2003, Windows XP, and Windows 2000.

There are six other patches…

If you’re running Windows, you can (and should) grab the free patches immediately. One method is to point Internet Explorer to Microsoft’s update site. If you have not upgraded yet from Windows Update to Microsoft Update, you may be prompted to do so before continuing. Alternatively, you can let Microsoft handle the whole process for you by turning on automatic updates and installing any security patches it says you need.If you’re running Windows, you can (and should) grab the free patches immediately. One method is to point Internet Explorer to Microsoft’s update site. If you have not upgraded yet from Windows Update to Microsoft Update, you may be prompted to do so before continuing. Alternatively, you can let Microsoft handle the whole process for you by turning on automatic updates and installing any security patches it says you need.

This brings to 29 the number of critical patches Microsoft has issued thus far in 2005, already topping 2004’s total of 25 critical updates.

What is left to say?



  1. CmdrTaco says:

    Dammit, I want my MacTel!

  2. Boo this OS. Since they have an inelastic demand in this market they can charge whatever they want for a crappy product. EVERYBODY INSTALL LINUX and we wont’ have this prob.

    ~brianG

  3. Ray Koenig says:

    Thre’s nothing like a good linux box!

  4. tom says:

    what was the update that said malicious software removal tool

  5. Damian says:

    What’s left to say? Exactly what the previous poster did.

    Windows is a mess and is becoming unusable. Unlike Unix, it is not secure by design. All systems have flaws, but, as A.P. Lawrence says, “Windows has some problems that Unix doesn’t have. If that weren’t true, then why is Microsoft working to planning to change things in Vista?”

    http://aplawrence.com/Opinion/unix-viruses.html

    And given that it’s unlikely that Microsoft can now succeed in actually implementing those changes, because they have (1) the need for backwards compatibility and (2) a community of 3rd-party developers who won’t want to change the way they do things, it’s debatable whether Vista will be much of an answer anyway. The truth should be well-known by now. In a connected world, you must have true multi-user systems, and you cannot allow internal boundaries to be porous.

    As Bill Joy said:

    “I find Windows of absolutely no technical interest. They took systems designed for isolated desktop systems and put them on the Net without thinking about evildoers.”

    http://www.wired.com/wired/archive/11.12/billjoy_pr.html

    Either Microsoft did what they did without thinking – in which case they’re idiots. Or they chose to cut corners, to use an “environmental polluter business model” – in which case they’re rougues.

    It’s better to move to a Unix-based system like Linux or Mac OS X. Ubuntu Linux and Mepis Linux are both easy to use on the desktop. but Mac OS X slicker and is probably still easier for most people. Unfortunately, you do pay more for the hardware, and Steve Jobs won’t licence the OS to any other OEMs. Perhaps that will change after the move to Intel processors, but I’m not holding my breath.

  6. Jim says:

    Is there even anything left of the original Windoze? I think it’s all just a bunch of patches that work together now…

  7. Donald Adams says:

    Patches? I don’t have to show you no stinking patches!

  8. John Wofford says:

    I realize I’m not mainstream geek, but I’m on my third Windows operating system, I’ve never, ever installed an update or a patch, I run fairly sophisticated software, play around with web design, manage web sites, run networked apps and in general everything sort of runs along with just the occasional bump or two. I maintain a stout firewall, have anti-virus programs in place and restrict MAC address access to my network.
    I wonder, have I been lucky and missed the fusillade of attacks, or is this simply more damned ballyhoo and hype?

  9. Mike Cannali says:

    This gives me tremendous confidence in Windows firewall and other security products from Redmond.

    Let’s see, you don’t get the patches, unless you have a valid copy of Windows. All they have to do is build in vulnerabilities, (maybe release a few good viruses on the web at the same time), issue the patches and then enforce a license for every PC. Apparently, the original Microsoft vision of a copy of Windows running on every PC in the world can now be realized – or else. Sounds like a protection racket – Where is the DOJ now, when we need them most.

  10. Teyecoon says:

    Wofford,
    I’m sure a lot of it is not “ballyhoo and hype” for people that run Windows as-is without all the additional software protections but I also wonder if a lot of it isn’t desirable scare tactics used by Microsoft to get people to install these “patches” which may contain more than simply necessary patch code. The problem here is that you likely sacrifice privacy and control but then again, the Windows OS isn’t really yours according to the EULA (so they can do what they want with your computer with complete immunity even though you “paid” for it). Thus, it’s hard to say whether you actually are better off with or without these “necessary” patches. You make a good argument that a good admin doesn’t need them and is even possibly better off without them.

  11. “We Rewrite the code that makes the whole world scream”-RB

    You just gotta love Microsoft.
    They keep everyone on the edge!
    I can’t wait to see Microsofts version of linux. Code name Irma Fish


0

Bad Behavior has blocked 4556 access attempts in the last 7 days.