Microsoft releases out-of-band Update today

Now this hasn’t happened for years: Microsoft is going to release a patch this evening (europe time) for all Windows operating systems. In an advance notification Microsoft states the security hole this patch plugs is critical for all operating systems before Windows Vista and Server 2008, where the company rates the vulnerability only as important.

That Microsoft feels the need to publish an update on a different date than on “Black Tuesday” – the second tuesday of the month is Microsoft’s regular update-date -, means two things:

1. The hole is absolutely critical and endangers all users of Microsoft operating systems.

2. Users should apply the patches immediatly when available. There are automated ways that attackers can use the patches with to construct an exploit for the hole that just was plugged. So exploits will be available very fast. The criminals will use that for infecting unpatched user systems with malware like trojans, so they can get hold of sensitive data and even access to the online bank accounts.

Dirk Knop
Technical Editor