New patches have been introduced after Microsoft confirmed three new security flaws in its Windows and Word software. If left unpatched, an attacker could take control of a personal computer and steal data or launch attacks by means of exploiting these flaws. For example, two of the flaws are related to imaging technology used by Windows, making it possible for attackers to have the user view a digital image that contains software code that exploits the flaws. The Word flaw, in addition, affects various versions of the word-processing program released in 2000 and 2004, and contains the same potential for danger.
"Simply by viewing one of these malicious images you can become infected with anything from adware and spyware to any other suspicious code," said Oliver Friedrichs, senior manager at Symantec's Security Response Center. "We've really seen a proliferation of Web sites that exploit these types of software flaws."
Users should go to www.microsoft.com/security to obtain the relevant patches.