Microsoft predicts attacks within 30 days, targeting a hole plugged by this month’s most-important Windows update.
The patch for this vulnerability is rated “Critical” for all client versions of Windows and for most server editions as well.
Microsoft released an out-of-cycle patch to remedy the IE “Aurora” bug that recently enabled Chinese hackers to attack Google and many other companies.
Separately, Mozilla released not one, but two, updates to Firefox — improving that browser’s security and adding an array of new features.
Not so long ago, Microsoft promised that fewer Windows patches would require restarting the system to complete their installation.
Microsoft clearly hasn’t delivered on that promise, so PC users need to take steps to ensure that they don’t lose data due to unexpected post-update reboots.
January’s lone critical MS patch fixes a problem with embedded fonts — caused by an update released last July.
The new update is critical only for Windows 2000 but should still be applied on all Windows systems to prevent fonts from displaying incorrectly on the Web and in Office apps.
A troubled December upgrade of Microsoft’s cloud-based licensing service is causing serious headaches for organizations that rely on the site to manage software licenses.
After more than a month and counting, the Volume Licensing Service Center remains inaccessible to many Microsoft customers.
If you use XP and haven’t yet installed Service Pack 3, you’ll have to do so before next July if you wish to continue receiving security updates.
Even though XP SP3 looks like a must-do, you may want to wait a while before upgrading your XP machines from Internet Explorer 7 to IE 8.
Yet another Active Template Library hole makes Internet Explorer susceptible to remote code execution.
All versions of IE require a patch that Microsoft released this week to block a malicious ActiveX control from taking over your system.
The patch I identified last week as the most important of those released by Microsoft in November has been found to cause systems with certain ATI and Nvidia adapters to freeze.
You can fix the problem by removing the patch, installing an updated video driver, and reapplying the patch.
Systems running Windows 2000, Windows XP, or Windows Server 2003 are at risk of infection via fonts used on malicious Web sites.
No attacks exploiting this vulnerability have been recorded yet, but I expect them to begin soon — so apply this patch right away.
Two Microsoft add-ons for the Mozilla Firefox browser — .NET Framework Assistant and Windows Presentation Foundation — were temporarily blocked this week by Firefox staff because of vulnerabilities announced by the Redmond company on Oct. 13.
Firefox experts may allow the use of both add-ons by the time you read this, but for safety’s sake, users of all browsers should apply the Microsoft patch immediately.