updated 10/12/2004 7:25:16 PM ET 2004-10-12T23:25:16

Microsoft Corp. released 10 security fixes for various products Tuesday, including seven that fix flaws the company said pose the highest threat to users.

The new patches apply to a variety of products, including some versions of Microsoft's Windows operating system and server software, its Internet Explorer Web browser and Excel spreadsheet program.

The seven critical flaws could allow an attacker to take control of a user's computer, while three other fixes deemed "important" -- the second-highest rating -- pose less of a threat.

(MSNBC is a Microsoft - NBC joint venture.)

The Redmond software giant also rereleased a patch it put out last month because of problems with the fix and with the company's massive new security update for the latest version of Windows, which is called Service Pack 2.

The patch aimed to fix a flaw that could allow an attacker to infiltrate a computer if the user viewed a specially crafted image in the popular JPEG format.

Stephen Toulouse, a security program manager at Microsoft, said people who had Service Pack 2 and are also using Office XP didn't receive the update correctly because of a problem with the installer.

The slew of security updates comes just months after Microsoft released Service Pack 2, which aimed to address ongoing security concerns that have dogged Microsoft's ubiquitous Windows operating system. Users who have downloaded Service Pack 2 will only need one of the new patches, to fix a component of the Internet Explorer browser.

Oliver Friedrichs, a senior manager at security firm Symantec, said some of the vulnerabilities, if exploited, could allow an attacker to take control of a person's computer even if the person just looked at an e-mail or viewed a Web site containing a malicious file. Other vulnerabilities require more action on the user's part, he said, such as opening a file.

The sheer volume of updates Microsoft released Tuesday could pose problems for businesses grappling to get them all installed in time to prevent attacks, Friedrichs said. Many companies must first test the fixes to make sure they don't break other applications that are necessary for doing business.

Toulouse said the big list of fixes was coincidental and did not have to do with any overarching problem that was discovered within Microsoft's products.

Microsoft shares closed down 3 cents, at $28.03, on the Nasdaq Stock Market.

Copyright 2004 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments