Microsoft’s Patch Tuesday is rolling around again next week, and the company has announced they have three fixes, all deemed critical.
The most important, without doubt, is one that fixes the hole in Internet Explorer that was announced earlier this week. The problem is in a browser component that deals with video, and thousands upon thousands of websites have been hijacked to give redirects to unwitting surfers what Microsoft has termed “browse-and-get-owned.” Those unprotected could find themselves part of a botnet or personal details plundered.
In a posting, Microsoft’s Jerry Bryant wrote:
"Our engineering teams have been working around the clock to produce an update for the issue discussed in Security Advisory 972890 (vulnerability in the Microsoft Video ActiveX Control) and we believe that they will be able to release an update of appropriate quality for broad distribution that protects against the attacks."
A temporary fix is already available, but this will ensure widespread distribution of the cure.
The second update patches a critical vulnerability in DirectShow, and relates to the previous fix. In both cases, it’s only pre-Vista systems that a really vulnerable.
The third fix, about which there were no details, affects all versions of Windows, according to Microsoft. There will also be three ‘important’ fixes.