NEWS
Microsoft said it is planning to make available this week a patch for a Windows flaw that has already been used in an attack.
Microsoft issued an advisory on the animated cursor flaw on Thursday and by Friday malicious code that took advantage of the hole was circulating.
In an email, Microsoft said it had originally planned to patch the flaw on 10 April as part of its regular monthly security update but now it plans to release the patch tomorrow because of the public exploit.
A Microsoft representative said in an email: "Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers."
The software behemoth said its analysis of the data suggests "the attacks and customer impact is limited" but said it encourages customers to download the patch when it is made available. Consumers that have Windows' automatic update feature turned on will get the patch automatically, while it will also be able to be downloaded manually.
Microsoft said it is also working with law enforcement to track down the attackers.
Ina Fried writes for CNET News.com
Comments
There are 2 comments. Join the discussion
1. Roger Huffadine
Yawn.......zzzzz -- its Microsoft so its vulnerable. Something about the quote on computing "Crap in Crap out". Unless you spend the time coding for security then you will never achieve it - MS will never achieve a secure system.
2. Lionel A
Well the patch arrived and installed on a desktop machine OK but on a laptop causes an error complaining that user32.dll is taking up too much memoryn and points to HHCTRL.OCX as being a problem by being out of date and that I should contact the vendor. Who owns it? Very helpful MS!