blob: 1a2f74dafb3bc9a6c5d58670de537be37e3ee02b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<img border="0" src="http://blog.wired.com/photos/uncategorized/winvista_v_thumb_9.jpg" title="Winvista_v_thumb_9" alt="Winvista_v_thumb_9" style="margin: 0px 0px 5px 5px; float: right;" />Earlier this month Microsoft issued an [emergency patch][3] for the animated cursor vulnerability in Windows Vista and XP. Yesterday saw the release of the [official monthly patches for Windows][1], which includes the cursor vulnerability fix as well as four other patches to fix critical flaws.
For Vista users, the important patch is the cursor vulnerability. If you didn't update last week, Microsoft encourages you to do so now. Windows Update should find and install the patches, though you can always [download them][1] from Microsoft's security site.
The April security release is the first such critical bugfix for Vista. Curiously, Microsoft never issued a monthly patch in March, despite having been informed of the cursor vulnerability back in December.
Some have speculated that the absence of a March update could have been a result of Microsoft's reluctance to admit Vista's vulnerabilities so close to its release.
Normally I'd dismiss such conspiracy-oriented musings, but given the way executives have been touting Vista as "secure out of the box," even while the company knew about the cursor exploit, well, it doesn't look good.
Perhaps [Vienna][2] will fare better.
[2]: http://en.wikipedia.org/wiki/Windows_%22Vienna%22 "Microsoft Vienna"
[3]: http://blog.wired.com/monkeybites/2007/04/microsoft_to_pa.html "Microsoft To Patch Vista Vulnerability"
[1]: https://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx "Microsoft Security Bulletin Summary for April 2007"
|
