'Critical' patches released for Windows, IE. Microsoft on Tuesday released two critical patches for its Windows operating system, but a patch for the underlying security problems with Internet Explorer 6 is not yet ready for prime time....
Published: January 11, 2005, 3:21 PM PST By Dawn Kawamoto Staff Writer, CNET News.com One critical patch is designed to resolve the security issues surrounding the HTML Help ActiveX control in Windows. Security experts had warned Microsoft about this problem and were pushing the vendor to take quick action, given that an exploit for the vulnerability existed.... The second critical patch addresses vulnerabilities in systems from Windows NT servers to Windows XP involving the cursor and icon format handling. Attackers could exploit the vulnerabilities by creating a specially crafted Web page that would have malware.... Microsoft also issued a third patch for Windows indexing service, with the threat level rated as important but not critical. That's because the indexing component is turned off by default, making it more difficult for an attacker to access index contents in Windows Media, for example, Toulouse said.
The only easy day was yesterday.
...some do, some don't; some will, some won't (WR)