Microsoft patches four holes

MICROSOFT HAS fixed four security flaws in its Windows and Office software, three of them defined as 'critical'.

However yesterday's 'patch Tuesday' failed to see patches for known 'zero day' flaws in its Word software. The flaws have been known about since December and have been exploited by hackers already. According to eWeek, Vole initially planned eight patches, but pulled four of them at the last minute. However it is not clear if the Word flaws were amongst them.

Another flaw which was not fixed was a the first confirmed Windows Vista flaw, a denial-of-service issue that was publicly released on an underground hacker site in Russia.

One of the critical vulnerabilities can be found in Internet Exploder 7. But none affect Microsoft's new Office 2007 or Windows Vista packages.

Users with Microsoft's automatic updates feature will get the patches sent to their computers. Other users can get them at Vole's security Web page. µ