Processing .....please wait.. 
The article has been forwarded.... 
News >> Technology >>
Microsoft's Patch Tuesday - security fix for your OS
By siliconindia
|
Wednesday, 13 October 2010, 17:56 IST
Bangalore: Software giant Microsoft released their biggest ever security fix that patches up at least 49 problems in their operating system. It is the highest number of vulnerabilities that Microsoft has faced in a single month.
The patches act as a remedial medicine to fix the long ailing Windows applications, like the Internet explorer (IE) browser and the Microsoft Information Services (IIS) server. Microsoft faces client issues in any major product that is been launched, whether they run Office, Windows Media Player , Internet Explorer, .Net or just Windows itself, there is vulnerability in everything.
Thus, Microsoft released 16 security patches to address 49 problems in its products, many of which were discovered by outside researchers who seek out such vulnerabilities.
Two-thirds of security issues addressed this month earned Microsoft's "critical" rating, meaning very severe. Microsoft labels security flaw critical if bad guys can exploit it remotely to take complete control over the Windows system.
Amol Sarwate, a research manager with computer security provider Qualys said," This is a huge jump, I think the reason for it is that more and more people are out there looking for vulnerabilities." Sarwate explained that the geeks who report such vulnerabilities to software makers are known as "white hat" hackers and there are also plenty of "black hats," or criminal hackers who look for vulnerabilities in software that they can exploit to launch attacks on computer systems.
Interestingly, the patches which are released can even fix the most sorts after virus - the Stuxnet virus. The virus, which infected computers at Iran's Bushehr nuclear power plant, was discovered over the summer. Security research Symantec said that it detected the highest concentration of the virus on computer systems in Iran, though it was also spotted in Indonesia, India, the United States, Australia, Britain, Malaysia and Pakistan.
So far Microsoft has patched three of the four vulnerabilities exploited by Stuxnet's unknown creators.
For the last seven years, Microsoft has issued its security fixes on the second Tuesday of every month i.e., Patch Tuesday. This day is an important day for Microsoft users, as the software is often criticized for being buggy and insecure. Patch Tuesday is known as "Hack Wednesday" in the Hacker community. Here's why. As soon as Microsoft releases its patches, hackers scramble to reverse engineer them.
Although Microsoft has already found the problems and fixed them, the patches still have to be downloaded by the users. Until they do, the Microsoft security update is essentially a treasure map for hackers. These online criminals know that a lot of users don't bother to install their updates right away, so for these people, the security fixes actually work against them.
Constant upgrading and patching of computers is time consuming and could be the reason that a user avoids or ignores the security fix. Sometimes the download of the security software may not be compatible with the existing software and may crash the computer.