Three critical fixes star in Microsoft patch

Three of the seven patches Microsoft released on Tuesday were rated “critical,” which is the highest ranking Microsoft uses. These patches were meant to fix flaws in handling streaming media by Microsoft DirectX, bugs in Windows Media Format Runtime, and multiple vulnerabilities in Internet Explorer, all of which pose a severe risk. In all three cases, the vulnerabilities addressed by the update create a possible means for hackers and cyber-criminals to smuggle malware onto, or otherwise attack, vulnerable computers. Hackers are actively exploiting one of the flaws in IE to attack vulnerable machines, the SANS Institute’s Internet Storm Centre warns. The remaining four “important” updates address a number of flaws, including some in Windows Vista and a security bug in DRM software from Macrovision that comes bundled with Windows. In November, Macrovision issued a patch to address flaws in its SafeDisk utility that have become the target of various attacks by crackers.

Source: http://www.theregister.co.uk/2007/12/12/dec_black_tuesday_update/