ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/reg/register.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    Microsoft patches eight security flaws

Microsoft uses its monthly patching day to explain why it takes so long to fix some security flaws.

By Nicole Kobie, 15 Apr 2009 at 11:38

gallery

Microsoft has defended the time it takes to fix known security flaws, as it released patches for eight vulnerabilities.

Of the eight patches, which are part of Microsoft’s monthly update cycle, five are rated critical, two are important and the last is moderate.

The first patch fixes a critical flaw in Excel, which has already been publicly exploited, Microsoft researchers said in their security blog. The second patch solves another already-exploited flaw in Word Pad and Office.

The other critical fixes are for Internet Explorer, Windows HTTP Services and DirectX. The two important bulletins fix a token kidnapping flaw in Windows and a spoofing vulnerability in ISA Server. The last, least serious flaw being patched is an elevation of privilege issue in SearchPoint.

On it’s blog, the Microsoft security team noted that five of the vulnerabilities were previously made public – some as early as April of last year. The team wrote that Microsoft sometimes takes a while to issue a security update because they want to make sure the vulnerability is fully addressed and compatible with third party software.

“I will say that we will do the right thing for our customers; we will dig deeper; we will hold a low quality update; and we will release an update when it is ready for broad distribution; no sooner or no later,” the post said.

More details on the security patches are available here.

Email to a friend

Print this page

< Previous   Security : News Next >

Office 365: A complete Guide

Be the first to comment on this article

You need to Login or Register to comment.

    You may also like...

 Sponsored Links

advertisement

    You may also like...

    Latest Security Analysis & Insight

passwords

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

Read more

 

More Security Analysis & Insight

    Latest Security Reviews

Check Point 2210 Appliance

Check Point 2210 Appliance review

Rating: 4

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

Read more

 

More Security Reviews

advertisement

    Most popular

    Latest News Videos in Security

Data protection

IT PRO Podcast: Are UK data protection laws flawed?

Play IT PRO Podcast: Are UK data protection laws flawed?   Play

We bring in two experts to talk about the problems with UK data protection law and the way it is managed.

 

    Register for IT PRO

You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Sponsored Links
Advertisement