It may be June, but Microsoft techies haven't turned their focus to summer vacations yet. Instead, company security engineers have been busy prepping 10 major software patches that fix 31 important security vulnerabilities in Windows, Office, and other Microsoft products. Eighteen of the vulnerabilities are classified by the company as "critical fixes."
Patches were delivered Tuesday via Windows Update and are targeted at Windows XP, and to a lesser degree Vista. Beta users of Windows 7 don't appear to have been included in the update. If your PC isn't set up to receive automatic updates -- it should be. Here is how.
Patches target the usual security suspects, such as new vulnerabilities found in Microsoft's own Internet Explorer Web browser. Also included with the updates is help for computers impacted by a rogue "antivirus" application called Internet Antivirus Pro. The purported antivirus program installs itself onto users' computers, then eats up huge resources as it slows systems down, flashes up constant pop-up messages (see above), and then downloads software that steals passwords and causes other havoc. Tuesday's Microsoft patches include a fix that can detect and help remove this rogue application, according to the security team.
Some Applications Get Patched, Others Not
Also included are patches for Windows, Excel, Word, and much more, all aimed at fixing the latest moderate- to critical-level security vulnerabilities recently uncovered.
One fix that didn't make it into this month's Patch Tuesday release was a patch to fix a generally rare vulnerability that involves DirectX and QuickTime. The security vulnerability can affect Windows XP or Windows Server 2003 users, but not Vista or Windows Server 2008 users, according to the company. The vulnerability can allow an intruder to take over control of a computer using an exploited QuickTime file. In the meantime, here's a workaround you can install to protect your PC from this possible vulnerability.