On Tuesday, Microsoft issued three security updates as part of its regularly scheduled monthly security release schedule. Additionally, the company also issued its first version of a malware removal tool that Microsoft says it will update monthly as well.
Two of the three issued security fixes carry the "critical" rating, which means that they fix the most severe type of bug. Most notable, however, is the fact that one of the critical fixes applies to Windows XP Service Pack 2 (SP2), which was released last August. This is the first critical security fix for XP SP2, which has been widely acknowledged as the most secure client version of Windows yet produced.
Predictably, the flaw that affects XP SP2 is found in Internet Explorer (IE), the security-challenged Web browser that has been at the heart of so many electronic exploits. An attacker who exploits the flaw could gain control of a user's computer, Microsoft says.
The third security fix, which carries the rating of "important," applies to XP and Windows Server 2003. It also involves the possibility of attackers gaining remote control of PCs. All of the fixes are available from the usual locations, including Automatic Updates, Windows Update, and the Microsoft Security Web site.
Microsoft also released the first version of its malware removal tool, called the Microsoft Windows Malicious Software Removal Tool (MSRT). Early reports suggested that this tool would be an antivirus solution, but the reality is far less exciting. Instead, the MSRT is simply a roll-up of all of the malware removal utilities that Microsoft had previously released. It scans your PC and removes various viruses and worms, including Download.Ject, MSBlaster, and MyDoom. However, it doesn't protect against other malware, and doesn't include any real-time scanning capabilities. Microsoft says it will release new versions of the tool each month alongside its monthly security updates. You can find out more information about the tool on the Microsoft Web site.