Microsoft today deviated from its regular pattern of releasing security updates on the second Tuesday of each month, pushing out an emergency patch to plug a security hole in all supported versions of Windows. The company urged Windows users to install the update as quickly as possible, noting that miscreants already are exploiting the weaknesses to launch targeted attacks.
A researcher with IBM said that a dangerous bug that existed in every version of Windows from Windows 95 onwards has finally been fixed.
Robert Freeman, manager of IBM X-Force, said that it told Microsoft about the bug in May this year and at last Microsoft is fixing it.
Here's a summary of the four "critical" patches this month; the top one is super critical or, if you will, Heartbleed critical:
Microsoft is offering a bumper crop of security patches next week as part of its traditional Patch Tuesday fix fiesta.
A total of 16 patches are on the way this month, five of which are labelled 'Critical'. All five affect Windows and one also involves Internet Explorer.
Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft's Windows Update mechanism.