Microsoft clarifies Windows URI patch strategy

Microsoft Corp. yesterday clarified what it plans to patch to fix a bug in Windows XP and Server 2003, but said it had no plans to overhaul the operating system's protocol-handling technology. Mark Miller, director of the Microsoft Security Response Center (MSRC), and Mike Reavey, the MSRC's operations manager, acknowledged there was confusion around its […]

Microsoft Corp. yesterday clarified what it plans to patch to fix a bug in Windows XP and Server 2003, but said it had no plans to overhaul the operating system's protocol-handling technology.

Mark Miller, director of the Microsoft Security Response Center (MSRC), and Mike Reavey, the MSRC's operations manager, acknowledged there was confusion around its decision to patch a vulnerability in Windows XP and Windows Server 2003 on systems running Internet Explorer 7.

"There are two separate issues," said Miller, referring to the Universal Resource Identifier (URI) bug in Windows that was the focus of a security advisory issued yesterday, and a larger problem that first surfaced in June but gained traction in July. "The issue [from] back in June is really related to protocol handling, and is really around how third-party applications handle them," Miller said.

Full Article

Microsoft, Internet Explorer 7, IE7, Security, Vulnerability, Bug, Exploit, Protocol-handling bug, Windows XP, Windows 2003, Windows Server 2003, Windows URI, Security Update, Patch

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.