Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in

    Microsoft fixes critical security flaws in Windows

    June 13, 2007

    Microsoft Corp. released four critical patches Tuesday to plug security holes in several versions of its Windows operating system, Internet Explorer Web browser and other programs.

    The patches, which carried Microsoft’s highest security warning, all are to prevent malicious hackers from remotely taking control of computers without permission.

    Three of the patches aim to protect Windows users who unwittingly expose their computers to attack by visiting Web pages infected with malicious code, or look at similarly tainted e-mails with Outlook Express or Windows Mail. A fourth patch prevents hackers from gaining remote access to PCs by installing a specially crafted program.

    Two of these critical updates fix holes in the company’s newest operating system, Windows Vista, which Microsoft has touted as the most secure ever.

    Vista went on sale to consumers at the end of January; in April, Microsoft broke its once-monthly update schedule with an emergency fix after the company and security experts found hackers were exploiting a hole in the way Vista and other versions of Windows handle animated cursor files.

    Microsoft also Tuesday released a patch for its Visio diagram drawing program and a patch for a vulnerability in Windows that could allow unauthorized users to break into computers to steal passwords and other user information.

    Additionally, Microsoft released seven non-security, high-priority updates Tuesday, including a monthly update to a tool that removes harmful software from PCs.

    On the second Tuesday of each month, the Redmond, Wash.-based software maker releases security updates. Windows users can download patches from Microsoft’s Web site or get them through an automatic update system.

    Spammers are taking advantage of ”Patch Tuesday” to send e-mails that appear to come from Microsoft, but that actually install programs that let hackers gain future access to infected PCs. Fred Touchette, a security analyst for the spam and virus filtering company AppRiver LLC, said he has seen this particular tactic twice before, most recently in 2004. The current attack, which started late last week, is ”pretty small,” he said.

    Keep Reading

    Most Popular

    This startup wants to copy you into an embryo for organ harvesting

    With plans to create realistic synthetic embryos, grown in jars, Renewal Bio is on a journey to the horizon of science and ethics.

    VR is as good as psychedelics at helping people reach transcendence

    On key metrics, a VR experience elicited a response indistinguishable from subjects who took medium doses of LSD or magic mushrooms.

    This artist is dominating AI-generated art. And he’s not happy about it.

    Greg Rutkowski is a more popular prompt than Picasso.

    This nanoparticle could be the key to a universal covid vaccine

    Ending the covid pandemic might well require a vaccine that protects against any new strains. Researchers may have found a strategy that will work.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.