Topic: New security flaws unmasked in Vista, Windows 7

[Samker]

Microsoft has just issued security patches for six critical Windows flaws: http://www.microsoft.com/technet/security/current.aspx
It's part of Patch Tuesday, the second Tuesday of every month, when the software giant issues security updates for its operating software.

This comes as a researcher named Laurent Gaffie points to fresh, unpatched flaws in Windows Vista and Windows 7: http://g-laurent.blogspot.com/
Threatpost blogger Dennis Fisher reports that there already is a proof of concept program circulating that would enable an attacker to remotely crash vulnerable machines via the flaws uncovered by Gaffie.

Two of today's patches resolve weaknesses in how Windows handles ASF and MP3 media files. It's a simple matter for a hacker to install a corrupted ASF or MP3 file on a legit web page. Then, "all a user would have to do is visit a compromised Web site hosting one of these malicious files, and they would become infected," says Ben Greenbaum, senior research manager for Symantec Security Response.

Other patches released today are designed to stop hackers from sending specially crafted packets to your Windows Vista PC or a Windows 2008 server to take over control, says Jason Miller, security and data team manager for Shavlik Technologies.

Bottom line for home users: make sure your Windows auto-update program is enabled and install the latest patches - and cross your fingers that cyber criminals don't try to exploit the Vista flaw before Microsoft can come up with a patch.

(USA Today)