Microsoft Corporation released nine security patches yesterday, including one for a flaw that could allow an attacker to create an outbreak similar to the Sasser worm that crippled computers worldwide.
The flaw in Microsoft's dominant Windows operating system was one of three that the Redmond-based software company said warranted its highest rating of "critical." All of them could allow an attacker to take complete control of another person's computer without that person's permission.
Microsoft also released six less critical updates for its Windows operating system, including one that also affects the company's Exchange Server product.
Marc Maiffret, an executive with eEye Digital Security Inc. of Aliso Viejo, California, said he expected the flaw that could create a Sasser-type outbreak to be exploited in some way. Maiffret, whose company discovered the flaw, said such an exploitation could be anything from a crude attempt that results in little disruption to a sophisticated, crippling attack.
Sasser snarled hundreds of thousands of computers, costing millions of dollars in damage, reported AP.