Microsoft pushes patches out of the door

Microsoft sent a number of patches for Windows Vista and for Windows XP yesterday as part of the monthly Patch Tuesday.

Two security patches solved vulnerabilities on Windows with one of them - MS08-001 - labelled as critical by Microsoft.

The code "resolves two privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

The problem affects all version of XP, Vista, Windows Server 2003 and Windows 2000.

Another vulnerability - MS08-002 - affects the Windows Local Security Authority Subsystem Service (LSASS) and "could allow an attacker to run arbitrary code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Microsoft has also released five other important updates as well as a new version of its "Windows Malicious Software Removal Tool."