SEATTLE - Microsoft Corp. said Thursday it had completed a software patch for its Windows operating system to fix a flaw that has spawned attempts to take control of Internet-connected computers.
The Redmond software maker planned to release the patch on its Web site. Initially, Microsoft said it didn't expect to do so until at least Tuesday, but the company said it finished testing earlier than planned.
The flaw is in an element of Windows that is used to view images. If a user is tricked into viewing an image, such as on a malicious Web site or within an e-mail attachment, that person's computer could be attacked.
Microsoft confirmed last week that some people were trying to take advantage of it. On Thursday, the company said outbreaks appeared to be limited.
One mitigating factor is the fact that the vulnerability requires a person to take action, such as opening an e-mail from a stranger or following a link to an unknown Web page.
Nevertheless, security experts have said the flaw could still pose a risk because personal firewalls offer little protection and the attacks can easily be modified to get around security software such as antivirus programs. Also, the flaw affects versions of Windows desktop and server software going back to Windows 98.
Microsoft had offered some technical options for decreasing the risk of an exploit. Other security companies had prepared their own patches while Microsoft worked on the official one.
On the Net:
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
The Augusta Chronicle ©2012 Morris Communications, LLC. All Rights Reserved.