Microsoft issues its biggest-ever security fix
Wednesday 13 October 2010
Microsoft issued its biggest-ever security fix, including repairs to its ubiquitous Windows operating system and Internet browser for flaws that could let hackers take control of a PC.
The new patches aim to fix a number of vulnerabilities including the notorious Stuxnet virus that attacked an Iranian nuclear power plant and other industrial control systems around the world.
Microsoft said four of the new patches - software updates that write over glitches - were of the highest priority and should be deployed immediately to protect users from potential criminal attacks on the Windows operating systems.
Microsoft said it also repaired other less serious security weaknesses in Windows, along with security problems in its widely used Office software for PCs and Microsoft Server software for business computers.
Microsoft released 16 security patches to address 49 problems in its products, many of which were discovered by outside researchers who seek out such vulnerabilities to win cash bounties as well as notoriety for their technical prowess.
"This is a huge jump," said Amol Sarwate, a research manager with computer security provider Qualys Inc. "I think the reason for it is that more and more people are out there looking for vulnerabilities."
The geeks who report such vulnerabilities to software makers are known as "white hat" hackers. Sarwate warned that there are also plenty of "black hats," or criminal hackers who look for vulnerabilities in software that they can exploit to launch attacks on computer systems.
Indeed, the world's biggest software maker said that the patches released on Tuesday include software to fix a vulnerability exploited by the Stuxnet virus - a malicious program that attacks PCs used to run power plants and other infrastructure running Siemens industrial control systems.
The virus, which infected computers at Iran's Bushehr nuclear power plant, was discovered over the summer. Security research Symantec said that it detected the highest concentration of the virus on computer systems in Iran, though it was also spotted in Indonesia, India, the United States, Australia, Britain, Malaysia and Pakistan.
So far Microsoft has patched three of the four vulnerabilities exploited by Stuxnet's unknown creators.
The total of 49 vulnerabilities exceeds the previous record of 34, which was set in October 2009 and matched in June and August of this year.
The constant patching of PCs is a time-consuming process for corporate users, who need to test the fixes before they deploy them to make sure they do not cause machines to crash because of compatibility problems with existing software.
Life & Style blogs
The Interview release: President Obama hails Sony's decision to put out film on Christmas Day after all
Planes go hybrid-electric in important step to greener flight
GTA 5: Christmas arrives in Los Santos as update brings snowball fights, festive jumpers and a homing missile launcher
'Tis the season!: Google celebrates Christmas Eve with second animated Doodle
Christmas 2014: Jesus was not born in a stable, says theologian
Nigel Farage defends Kerry Smith 'ch***y' comment: 'If you are going for a Chinese, what do you say you’re going for?'
Rozanne Duncan: Ukip expels councillor for 'jaw-dropping' comments made in BBC TV interview
Germany anti-Islam protests: 17,000 march on Dresden against 'Islamification of the West'
British actor Idris Elba cannot star as James Bond because he is black, says shock jock Rush Limbaugh
Panic Saturday: 13 million Britons spend £1.2bn – while 13 million others across the country live in poverty unable to afford food
BBC director Danny Cohen: Rising UK antisemitism makes me feel more uncomfortable than ever
- 1 North Korean prison officers 'cooked prisoner's baby and fed it to their dogs', more horrific accounts from UN report reveal
- 2 Antonio Martin shooting: Mayor says there should be 'no comparison' to Ferguson
- 3 Antonio Martin shooting: Police and protesters clash over teenager's death just five miles from Ferguson, Missouri
- 4 British actor Idris Elba cannot star as James Bond because he is black, says shock jock Rush Limbaugh
- 5 Isis 'did not shoot down coalition-led warplane' before capturing Jordanian pilot, says US
iJobs Gadgets & Tech
£35000 - £45000 per annum: Ashdown Group: Moodle Developer (PHP ,Linux, Apache...
£17000 - £30000 per annum: Recruitment Genius: This is a fantastic opportunity...
£21000 - £26000 per annum: Recruitment Genius: This Award-winning pharma softw...
£30000 - £45000 per annum: Recruitment Genius: A Senior Java Developer is requ...