Bad news from Microsoft. Below is an excerpt from the Washington Post article titled Microsoft’s Emergency Patch Mess.
Microsoft today released a pair of emergency software updates (Redmond calls them “out-of-band” updates). Yes, that’s right folks: If you use Windows — and especially if you browse the Web with Internet Exploder Explorer – it’s once again time to update.
The backstory to these patches is a bit complex, so here’s the short version: A while back, Microsoft introduced several security flaws into a set of widely-used third-party software development tools, and today it’s correcting that error by issuing an updated set of tools. Another update tries to block attackers from exploiting those weaknesses while third-party software makers figure out how to fix their code with the updated tools.
On a scale of 1 to 10, with 10 being the most dire and far-reaching, Eric Schultze, chief technology officer at Shavlik Technologies, said he’d put the seriousness of today’s out-of-band patch releases at an 8.
“When I was at Microsoft, there were a couple of issues that we referred to as ‘Voldemort,’ meaning they were so nasty you didn’t even want to speak their names, and this one is kind of like ‘Son of Voldemort,'” Schultze said. “You really start to lose confidence in Microsoft’s security mechanisms when something like this happens.”