Microsoft Issues Patch For 'Important' Security Flaw

The fix addresses a vulnerability in Windows XP and XP Service Pack 1 and Windows Server 2003.

George V. Hulme, Contributor

May 11, 2004

1 Min Read
InformationWeek logo in a gray background | InformationWeek

In its monthly publishing of patches and warnings, Microsoft includes one for a new security flaw that the company ranks "important." It also has updated two previously published software patches. "Important" flaws are one notch below Microsoft's most-serious rating, "critical."

The fix in Security Bulletin MS04-015 addresses a vulnerability in Windows XP and XP Service Pack 1 and Windows Server 2003. Sixty-four-bit versions of those operating systems contain the flaw, too. The problem resides in the operating systems' Help and Support Center, and could allow "remote code execution," the vendor stated in its advisory.

Microsoft says in its advisory that an attacker who successfully exploits this vulnerability could "take complete control" of a targeted system. However, people would have to visit maliciously designed sites or open a similarly designed E-mail in order to be victimized. The company says the Help and Support Center must be activated for the patch to be applied.

The company has also updated two previously released patches, MS01-052 and MS04-014.

Find more information on this vulnerability and the updates themselves here.

About the Author

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights