Three Windows flaws patched

Microsoft warned users of its Windows operating system of three newly-found 'critical' security flaws, including one that allows attackers to take control of a computer. The company issued patches to fix the problems as part of its monthly security bulletin. The problems affect Windows and the Internet Explorer Web browser.

The patches can be downloaded from www.microsoft.com/security.

The vulnerabilities exist in the Internet Explorer Web browser, the most severe of which could allow an attacker to take complete control of an affected computer. An attacker could exploit that vulnerability by luring users to malicious Web pages and running software code on the user’s PC.

Microsoft also plans to re-release Update Rollup 1 for Windows 2000 Service Pack 4 due to several problems users are having with the current version.

The SP4 update rollup has been downloaded several million times since its release on June 28, but Microsoft noted problems with a few downloads. Some of those problems involve making connections to servers running Citrix, and compatibility with third-party security software.

As a result of these issues, the company posted information and prescriptive guidance online to help users address any problems, and it will post a new version of the update rollup soon. In the meantime, Microsoft won’t remove the current SP4 update rollup from its Microsoft Download Centre and Windows Update, and the company advised users to read the information provided on the site to see if the problems that have arisen with some users will affect them.