Windows XP and Windows Server 2003 users have been alerted by Microsoft regarding an unpatched bug that could be used to infect PCs by duping users into visiting rigged Web sites or opening attack e-mail. Windows Vista, Windows 7, Windows Server and Windows Server 2008 R2 are not vulnerable to the attack.
Microsoft’s next Patch Tuesday falls on July 13 which is still a month away and though MS says it plans to produce a patch, a date has not been announced.
Mike Reavey, the director of the Microsoft Security Response Center (MSRC), defended the delay in coming up with a patch after some severe criticism was thrown Microsoft’s way, saying:
This issue was reported to us on June 5, 2010 by a Google security researcher and then made public less than four days later, on June 9, 2010. Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk.
This is the eight Zero day – the term used to describe a threat for which there is no patch – this year for Microsoft which faced 10 last year.
[via ComputerWorld]
You Might Also Like:
Like this post? Post Comment and Subscribe RSS
Pingback: Tweets that mention Microsoft Issues Bug Warning for Windows XP and Server 2003 Users | PelWaves -- Topsy.com()