Microsoft releases new patches for Windows flaws
SEATTLE (AP) _ Microsoft released three patches Tuesday to fix critical flaws in Windows security that could allow an attacker to take over another person's computer.
A fourth patch fixes a similar, but less severe, vulnerability in versions of the Windows operating system, which runs more than 90 percent of the world's computers.
The patches, released as part of Microsoft's regular monthly update, apply to Windows editions dating to Windows 98, and affect server systems going back to Windows NT Server 4.0.
The repairs are aimed at preventing an unauthorized person from being able to install new programs or to view, change or delete data on someone else's computer.
Similar flaws resulted in the Blaster worm, which hobbled hundreds of thousands of computers worldwide last August.
A security expert predicted that the latest flaws could result in another such attack, perhaps as soon as two weeks from now. Windows users who install the patch would not be affected.
Marc Maiffret of Aliso Viejo, Calif.-based eEye Digital Security Inc., which discovered some of the flaws in September, criticized Microsoft for not taking quicker action.
Stephen Toulouse, Microsoft security program manager, said the company would release a patch sooner if it believed a flaw were being exploited. But Microsoft tries to release patches once a month to make it easier for customers to keep track, he said.
Since the beginning of the year, Microsoft has released 13 patches for critical updates to its software.