Cumulative Patch for Internet Explorer for Windows Server 2003 (818529)
Less than two months after launching its Windows Server 2003 operating system, Microsoft has released a security patch to fix a vulnerability that could let malicious sites run damaging code on the server. Although security experts–even those at Microsoft itself–had pointed to the company’s latest server OS as the first test of the software giant’s massive Trustworthy Computing initiative, representatives maintained that the patch did not mean the release had been a failure in its security practices.“It actually highlights positive progress in Trustworthy Computing,” said Microsoft’s U.K. security chief, Stuart Okin, explaining that Server 2003 is significantly hardened in comparison to previous versions of Windows.
The vulnerability has less effect on Server 2003 because it relies on services that are switched off by default in that version of Windows, explained Okin. Earlier versions of Windows have services switched on by default, which can be used to form part of an attack. The company has already issued tools to lock down previous versions of Windows, but these are not universally applied.
Windows Server 2003 is the first major release of Windows to come out since the company’s much publicized decision to emphasize security and make sure all its code is safe. The operating system was delayed three times, partly to improve security and reliability. It has therefore been seen as a test of whether the company really can make products that are more than secure, and stem the deluge of security flaws and vulnerabilities that have marred its OSes in the past.
The new flaw affects Internet Explorer 6, which ships with Windows Server 2003 as well as with other Microsoft OSes. It is fixed, along with other IE6 flaws, in a cumulative patch released Wednesday. Although the patch is rated “critical” for all other operating systems, it is only “moderate” for Server 2003, according to Microsoft’s system for grading the severity of the vulnerabilities it addresses.
Download : Patch for Internet Explorer for Windows Server 2003 (818529)
View : details
页:
[1]