Home : Security : News

Microsoft fixes holes open to worm attacks

Vista and Server 2003 are fixed this Patch Tuesday, but Windows 7 comes out clean.

By Asavin Wattanajantra, 9 Sep 2009 at 11:10

Microsoft has released five security bulletins covering a total of eight vulnerabilities - six of which are rated critical, the company’s highest risk rating.

All of the patches cover core Microsoft operating system platforms, including four critical vulnerabilities in Windows Vista.

Two of the bulletins (MS09-049 and MS09-048) address flaws in the networking components of Windows Vista and Windows Server 2003 and 2008.

According to security firm McAfee, those flaws let malicious software spread from one PC to another.

“These vulnerabilities are the most likely to be exploited by malicious code and are two of the best worm candidates since Conficker,” said Dave Marcus, director of security research at McAfee, in a statement.

“That said, all of today’s security bulletins address vulnerabilities that could allow an attacker to take control of a vulnerable PC,” he added.

However, Wolfgang Kandek, chief technology for Qualys, noted that the operating system Windows 7 was not one of the operating systems needing patching, which he said was a “pleasant surprise.”

He said in a statement: “[It’s] most likely an outcome of the additional security measure implemented in this latest version of Windows.”

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

More Security Reviews