Microsoft plans to issue two security patches next Tuesday, one of which earns the dreaded rating of critical, in this year’s first edition of its regular Patch Tuesday update cycle. The critical update covers a flaw that allows the remote execution of malicious software on vulnerable clients, including Windows Vista systems. The patch is also a critical update for Windows XP. The second update, rated as “important”, covers an unspecified privilege elevation flaw.
Microsoft is set to change how users activate Windows XP. The company will introduce a new procedure when Service Pack 3 is introduced, early this year. According to a Microsoft White Paper, new installations of Windows XP SP3 will give users the same 30-day grace period currently offered to Windows Vista customers before they’re required to enter a product activation key, the 25-character code that proves the copy is legitimate.
Microsoft reports “limited” attacks on Windows XP systems via an unexpected path exploiting a security hole in a copy protection program that comes with XP. (Windows Vista is not at risk.) The program that attackers are leveraging is Macrovision’s SafeDisc, optical-disc copy prevention software for Windows applications and games. The flaw is located in a system driver file called secdrv.sys. Microsoft immediately issued a Security Advisory.
Read the rest of this entry »
Recent Comments