October 13, 2010

Microsoft Issues New Windows Security Patches

Microsoft Corp. issued a security fix for its Windows operating system and Internet browser on Tuesday for flaws that could allow hackers to take control of a PC.

The new patches help fix vulnerabilities including the Stuxnet Virus that attacked an Iranian nuclear power plant.

Microsoft said four of the new patches were of the highest priority and should be deployed immediately to protect users from potential criminal attacks on the Windows operating systems.

The company said it also fixed other less serious security flaws in Windows, along with security problems in its widely used Office software for PCs and Microsoft Server software for business computers.

Microsoft released 16 security patches to address 49 problems in its products, many of which were exploited by outside researchers.

"This is a huge jump," Amol Sarwate, a research manager with computer security provider Qualys Inc., told Reuters.  "I think the reason for it is that more and more people are out there looking for vulnerabilities."

"White hat" hackers are those who report these types of vulnerabilities.  Sarwate warned that there are also plenty of "black hats," who are criminal hackers that look for vulnerabilities in software.

Microsoft said that the patches released on Tuesday include software to fix a vulnerability exploited by the Stuxnet virus. 

The virus was discovered over the summer after infecting computers at Iran's Bushehr nuclear power plant.  Security research Symantec said that it detected the highest concentration of the virus on computer systems in Iran. 

Microsoft has patched three of the four vulnerabilities exploited by the virus.


On the Net: