Microsoft announces ‘critical’ security flaw
The monthly Security bulletin from Microsoft offers thin pickings for potential hackers this month. The bulletin reports a single vulnerability in Windows – albeit a critical one.
A vulnerability exists in the Windows Graphics Rendering Engine that could allow a hacker to gain control of the computer and run malicious code.
According to the bulletin, the vulnerability exists in all versions of Windows XP including Windows XP Professional x64 Edition, Windows XP Service Pack 2 and Windows Server 2003. Due to the critical nature of the flaw, Microsoft is recommending that IT managers and end users apply the patch immediately.
The single vulnerability in the monthly security update is further evidence that Microsoft is finally getting on top of the security issues in its software that has so damaged the company’s reputation amongst business and end users alike.
However, Microsoft is not necessarily out of the woods yet. In October, the company announced nine new patches. The need for the user community to respond quickly was highlighted when a security company created an exploit for one of the announced vulnerabilities. Because of this kind of potentially damaging response, Microsoft is a lot more coy about releasing details of any vulnerabilities than it used to be for fear of providing information to hackers.