Thursday, October 16, 2003 Posted: 12:19 AM EDT (0419 GMT)
WASHINGTON (AP) -- Microsoft Corp. warned consumers Wednesday about four new flaws in its popular Windows software as the company shifted to monthly alerts for serious problems that could let hackers break into computers.
In particularly embarrassing disclosures, Microsoft acknowledged problems in its technology to authenticate software publishers over the Web and in its Windows help and support system.
The company said it did not believe hackers were yet exploiting any of the vulnerabilities it announced.
Microsoft said last week it will begin issuing monthly warnings and software patches, responding to frustration from technology managers who must apply sporadic patches each week across hundreds of computers inside corporations.
The company said it expects to release future warnings on the second Tuesday or Wednesday of each month. It has promised to rush out an emergency patch midmonth if it determines hackers are actively breaking into computers using a flaw it can repair immediately.
Separately, Microsoft began offering Windows XP users a single, convenient patch that combines 22 previous updates. It was aimed at customers who haven't diligently applied every software patch or who recently bought a new computer or recently installed Windows from scratch.
All four of the most dangerous new vulnerabilities affect versions of Windows 2000, which is commonly used by corporations and government agencies. Three of them also affect other Windows versions, including Microsoft's flagship Windows XP software, popular among home users, and Windows Server 2003 for businesses.
Security Update for Microsoft Windows 2000 (KB828035)
Security Update for Microsoft Windows 2000 (KB825119)
Security Update for Microsoft Windows 2000 (KB826232)
Security Update for Microsoft Windows (KB823182)
Security Update for Microsoft Windows (KB824141)