Microsoft drops security patch from monthly update

Microsoft released four security updates in its monthly ‘Patch Tuesday' bulletin yesterday - one less than planned.

A patch to address a vulnerability in Windows and SharePoint Server, which could allow an attacker to execute privilege escalation attacks, was dropped from the software giant’s security update, according to a Microsoft spokesperson. The bug had a severity rating of important.

Microsoft did address the four remaining vulnerabilities in its September update, released yesterday.

One flaw, with a severity rating of critical, affects Microsoft Agent and allows an attacker to remotely execute code on the affected Windows 2000 system. Users of Windows XP and Vista are not affected, Microsoft said.

Another update tackled a flaw in the software development product Visual Studio, and a further two vulnerabilities, both publicly disclosed, affect Windows Services for UNIX 3.0, and MSN Messenger and Windows Live Messenger, which allow an attacker to gain elevation privilege and take control of the affected system respectively.



Sign up to our newsletters