Thursday, April 12, 2007

Microsoft warns of 4 "critical" security holes

Reuters

SAN FRANCISCO (Reuters) - Microsoft Corp. (MSFT.O: Quote, Profile, Research) warned of four security flaws in its software that it categorized as "critical" on Tuesday that could allow attackers to gain control of a user's computer.

Microsoft, whose Windows operating system runs some 95 percent of the world's computers, issued the patches as part of its monthly security bulletin.

The world's biggest software maker defines a flaw as "critical" when it could allow a damaging Internet worm to replicate without the user's doing anything to the machine.

The company said the "critical" patches fixed three holes in its Windows operating system and another in its Content Management Server product. Microsoft also issued another security update for Windows it rated at the lower threat level of "important."

The fixes come a little more than a week after it released a patch outside of the regular monthly update to plug a security hole related to an animated cursor that hackers had used to launch attacks after users clicked on links to malicious Web sites.

The company has been working to improve the security and reliability of its software as more and more malicious software target weaknesses in Windows and other Microsoft software.

The latest patches can be downloaded at www.microsoft.com/security.