Microsoft patch numbers reach record levels

By Derek Sooman on
Microsoft's latest "Patch Tuesday" involved a new all time high number of updates. Nine of these were critical, and in total there were twenty flaws patched in Windows and three in Office. Out of all of these, eleven were publicly known or exploited before Microsoft provided fixes for them.

Of specific interest is a remotely exploitable vulnerability in Windows, which Microsoft reports is already being used in attacks on PCs. The problem lies in a Windows service that provides support for networking features such as file sharing and printer sharing, the company said in security bulletin MS06-040.
The flaw that was fixed in MS06-040 could enable an anonymous attacker to remotely commandeer a Windows PC without any user interaction.

So far in 2006, Microsoft has issued more patches than in 2004 and 2005 combined. Some have speculated right now is a prime opportunity for hackers to exploit the backlog of unprotected vulnerabilities. Indeed, according to Alan Bentley, managing director, EMEA, of patch management specialist Patchlink, between the backlog of unpatched issues, and the chances of new vulnerabilities being discovered in adjacent areas, "Exploit Wednesday" may soon be on the horizon!

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.