Microsoft investigating new Windows flaw

Software maker says it's looking into reports of a vulnerability that could allow malicious code to be run on machines running Windows XP or Windows 2000.

Microsoft said on Tuesday that it is looking into reports of a new Windows flaw that could compromise the security of machines running older versions of the operating system.

In an advisory on its Web site, Secunia said that the vulnerability is due to a boundary error in a function included in Windows XP and Windows 2000 that, if exploited, could allow malicious code to be executed. The firm rated the vulnerability as "moderately critical."

"Microsoft is investigating new public claims of a possible vulnerability in Windows 2000 and Windows XP," group manager Jerry Bryant said in a statement. Bryant said Microsoft is unaware of any attempts so far to build an attack based on the vulnerability and included Microsoft's standard language that it will take appropriate action, which could include releasing an update as part of the company's monthly patches or issuing an unscheduled update.

Microsoft had noted in a Twitter posting on Monday that it was investigating the issue.

About the author

    During her years at CNET News, Ina Fried has changed beats several times, changed genders once, and covered both of the Pirates of Silicon Valley. These days, most of her attention is focused on Microsoft. E-mail Ina.


    Discuss Microsoft investigating new Windows flaw

    Conversation powered by Livefyre

    Show Comments Hide Comments