NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Home / News / Microsoft / Patches and Vulnerabilities

Patches and Vulnerabilities

Microsoft Leaves Windows 7 Beta Vulnerability Unpatched

Plugs 2 critical holes in XP SP3, 2 moderate in Vista SP1

By Marius Oiaga, Technology News Editor

14th of January 2009, 11:04 GMT

Adjust text size:

Microsoft will leave a security vulnerability in Windows 7 go unpatched until the next development milestone of the operating system, which, as far as the general public is concerned, will be the Release Candidate. The SMB Validation Denial of Service vulnerability is rated Moderate by the Redmond company, and Christopher Budd, security program manager in the Microsoft Security Response Center, explained that this was precisely the reason why the issue had not been resolved simultaneously with the patches provided for all supported versions of Windows. Windows 7 Beta Build 7000 was made available for download on January 10, 2009.

“We know that there might be some questions about the beta version of Windows 7 and today’s bulletin. Windows 7 is affected only by the SMB Validation Denial of Service Vulnerability (CVE-2008-4114) and, like Windows Vista and Windows Server 2008, would be rated as Moderate because the vulnerability would require authentication for any attack to succeed,” Budd stated.

“We provide security updates for beta versions of Windows through Windows Update for Critical issues only. So, the SMB Validation Denial of Service Vulnerability (CVE-2008-4114) will be addressed in the next public release for Windows 7.”

As initially planned, Microsoft offered a single security bulletin designed to patch vulnerabilities in all supported versions of the Windows operating system on January 13, 2009.

According to the software giant, the vulnerabilities patched by the security update are exposing users of Windows 2000, Windows 2003 Server, and Windows XP, including SP2 and SP3, to the highest level of risk, as the platforms are affected by three holes: the SMB Buffer Overflow Remote Code Execution vulnerability, the SMB Validation Remote Code Execution vulnerability, and SMB Validation Denial of Service vulnerability. Windows Vista and Windows Server 2008 are impacted by just the last two.

“We are releasing one new bulletin today, MS09-001. This bulletin is rated as ‘Critical’ for Windows 2000, Windows XP and Windows Server 2003, and is rated as ‘Moderate’ for Windows Vista and Windows Server 2008,” Budd added.

Windows 7 Beta is available for download here.

TAGS:	Windows 7 \| vulnerability \| patch \| security bulletin	SHARE THIS
Read by 2,318 user(s) \| Add comment \| Link to this article		TWEET THIS

Article rating:

Excellent (5.0/5)

4 vote(s)

Subscribe to news |

Print article |

Send to friend

SEARCH THE NEWS ARCHIVE :

Today's News | Yesterday's News | News Archive

User opinions:

No user comments yet.

Be the first to express your opinion using the form below!

Share your opinion:

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| ENTER NEWS SITE \| ENGLISH BOARD \| ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use \| Update your software \| Archive