Microsoft announced a record number of security fixes for its regularly scheduled monthly security patch release, plugging 31 separate flaws. Although the volume of fixes Microsoft announced is reminiscent of what Mac OS X users face from Apple on a far more haphazard schedule, this week's bumper crop is notable for a more serious reason: More than half of the flaws Microsoft fixed are rated "critical," meaning malicious users could exploit them to take control of users' PCs.
The critical flaws involve such products as Internet Explorer (IE) 8—although not the version in the Windows 7 release candidate—the IIS web server, and Microsoft Excel (especially Excel 2000). Additionally, Microsoft has enhanced its Malicious Software Removal Tool to detect and remove the Internet Antivirus Pro program, which masquerades as security software but really infects the PC with malware. Microsoft says this application has infected tens of millions of PCs by fooling users with pop-up windows that warn of infection.
As always, common sense rules the day. Microsoft recommends, as do I, that users enable Automatic Updates and let Windows automatically fix these problems for you. Otherwise, you can manually visit Windows Update to download and install any relevant fixes.
