Windows 7 OS Scores Its First Critical Security Flaw

In its customary Patch Tuesday cycle, Microsoft has issued the first security update for its newly launched Windows 7 beta. The update addresses a critical flaw that leaves users at risk of having their computers taken over remotely if they access a maliciously designed image.

Although the security update was released alongside Microsoft’s Patch Tuesday, the company did not explicitly announce that it was bringing an update to Windows 7: the security bulletin summary, which contains the list of affected software, mentions only Windows 2000, XP, Vista, and Windows Server 2003 and 2008.

The security update, designated MS09-006, addresses a critical bug in the way the kernel processes input delivered through the Graphics Device Interface (GDI). Researchers labelled it the most severe of the three updates released on Tuesday and the one that should be patched first.

The update can be downloaded from the Microsoft Download Centre for both 32-bit and 64-bit systems. The company describes it as follows: “A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft”.

The company further noted that users may have to restart their computer after installing the update, which is licensed under the Windows 7 Prerelease License Terms.

Our Comments

Windows 7 is such a complicated operating system (as are all mainstream operating systems) that it is not surprising that it hides a few nasty security surprises. Expect more to raise their heads in the next few months as Microsoft prepares Windows 7 for the big day.

Related Links

Critical security update includes Windows 7 beta (CNet)

Microsoft patches first critical bug in Windows 7 beta (Info World)

Microsoft Plugs Eight Windows Security Holes (The Washington Post)

Windows 7 beta gets its first security update (Ars Technica)

Microsoft releases three security bulletins (Help Net Security)

Microsoft fights "evil" kernel bug (PC Pro)