Troublesome Surprise

This month's Patch Tuesday arrived with a rather unwelcome security surprise.

Microsoft (Nasdaq: MSFT) had expected things to be somewhat sedate; however, instead of two vulnerabilities that it expected needed patching, it got hit with four, including a new zero-day Internet Explorer exploit.

Further, Microsoft has had to update its Malicious Software Removal Tool to include Win32/Helpud, a Trojan that's been around since 2008. In addition, it's keeping an eye on a VBScript vulnerability that could allow remote code execution.
Lazy, Crazy, Hazy Days Are Gone

On Monday, Microsoft issued its advance notification security bulletin for Patch Tuesday. This slated Bulletins MS 10-016 and MS 10-017 for release Tuesday.

On Tuesday, it added Bulletins MS 09-033; 981374, revived a warning about the Win32/Helpud Trojan first published in December 2008, and said it "continues to monitor" the threat landscape around Security Advisory 981169 about the VBScript vulnerability.

The expansion was unexpected. "Contrary to what we expected last week, the Microsoft March security announcement has a little surprise in it," Wolfgang Kandek, chief technology officer of Qualys, wrote in his blog.

He described Windows Producer as "a little-used multimedia add-on to PowerPoint".
Another Day in IE

A new Internet Explorer vulnerability, which could allow remote code execution, has surfaced.

Like the vulnerability that led to hack attacks on Google and more than 20 other large American companies -- a series of events that escalated to spark off a war of words between the United States and China -- this latest flaw is due to an invalid pointer reference, according to Redmond.

However, the two are unrelated, Microsoft spokesperson Jerry Bryant told TechNewsWorld.

Microsoft's investigations show that IE 6 Service Pack 1 on Windows 2000 Service Pack 4, and standalone versions of IE 6 and IE 7 are vulnerable. However, IE 8 and IE 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected.