Communications > Security

Vole holds fire on core flaw

Wait until patch Tuesday

By Nick Farrell

Tuesday, 7 November 2006, 09:26

MICRSOFT'S DEDICATION to releasing its patches once a month might cost more than a few users control of their computers.

Security boffins have discovered an "extremely critical" vulnerability has been discovered in Microsoft's XML Core Services.

Secunia says the flaw, which only hurts those who use Internet Exploder, is caused by an error in the XMLHTTP 4.0 ActiveX Control.

ISS X-Force says the flaw could lead to loss of confidential information, disruption of business, or further compromise.

According tonews.com, the Vole has admitted that the bug is being exploited by hackers, but it does not seem to be rushing to fix the flaw before its normal run of bug releases on November 14.

A spokesVole said that Microsoft will determine, based on "customer needs" whether to release a patch during the company's monthly release process or an out-of-cycle security update.

In other words, if enough Volish punters find their machines compromised, Microsoft will release a patch. If not, world plus dog will have to wait until November 14. µ

L'INQ
News.com

Microsoft tells users how to prevent IE zero day attacks Fire in the Vole! Friday, 12 December 2008, 15:01 PM Read more	Ancient flaw hits Vista Computer can BSOD like it is 1999 Wednesday, 9 September 2009, 10:48 AM Read more
Turn off Javascript in IE again You probably were not expecting this Tuesday, 24 November 2009, 10:21 AM Read more	PR spinner insists Vista kernel is secure Comment Only Device I/O Control is buggy Thursday, 4 December 2008, 13:24 PM Read more
First Windows 7 zero day exploit is spotted You probably were not expecting this Friday, 13 November 2009, 11:42 AM Read more	Microsoft releases emergency patch IE flaw spreading fast Wednesday, 17 December 2008, 11:52 AM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

Most read
Most commented
Most popular

INQ Whitepapers

Will you be buying a new computer this Christmas?

Yes, a new computer will be under the tree

Yes, a netbook will fit my stocking nicely

No, but will be upgrading some components / building my own

No, my computer works fine if I change the oil often enough

Bah humbug, I'll wait for the January sales to decide

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Vole holds fire on core flaw

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

Java Developer, Solution D

Java Programmer:- JAVA, J2E...

Read more

Technical Courier - Milton

Technical courier required ...

Read more

XML Content Developer

My client, a large blue-chi...

Read more

Web Designer Flash, Photos

Web Designer Flash, Photosh...

Read more

Enterprise Architect

Enterprise Architect requir...

Read more