Three Windows flaws patched
Microsoft warned users of its Windows operating system of three newly-found
'critical' security flaws, including one that allows attackers to take control
of a computer. The company issued patches to fix the problems as part of its
monthly security bulletin. The problems affect Windows and the Internet Explorer
The patches can be downloaded from www.microsoft.com/security.
The vulnerabilities exist in the Internet Explorer Web browser, the most severe
of which could allow an attacker to take complete control of an affected computer.
An attacker could exploit that vulnerability by luring users to malicious Web
pages and running software code on the users PC.
Microsoft also plans to re-release Update Rollup 1 for Windows 2000 Service
Pack 4 due to several problems users are having with the current version.
The SP4 update rollup has been downloaded several million times since its release
on June 28, but Microsoft noted problems with a few downloads. Some of those
problems involve making connections to servers running Citrix, and compatibility
with third-party security software.
As a result of these issues, the company posted information and prescriptive
guidance online to help users address any problems, and it will post a new version
of the update rollup soon. In the meantime, Microsoft wont remove the
current SP4 update rollup from its Microsoft Download Centre and Windows Update,
and the company advised users to read the information provided on the site to
see if the problems that have arisen with some users will affect them.