Microsoft Patches Critical Windows Flaw

by admin November 14, 2007 at 9:01 pm

One of the updates Microsoft released on Patch Tuesday is a DNS fix that got pulled from October’s set of updates. The vulnerability that this patch is designed to fix is well understood in the security community and has been fixed already in many DNS servers, according to Andrew Storms, director of Security Operations for nCircle.

Microsoft released two security updates on Tuesday to patch two vulnerabilities, one rated “critical” and the other “important.” The small number of November updates contrasts with the series of Patch Tuesday summer releases that numbered as high as 17 vulnerabilities.

The critical vulnerability addressed on Tuesday could be exploited through malicious Web sites, while the important-rated vulnerability could make way for hackers to redirect Internet traffic from legitimate sites to fake ones.

Full article: