Microsoft issues 'critical' patch outside normal cycle

Patch addresses vulnerability in Windows that could allow attackers to take hold of a user's computer and launch code remotely.

Dawn Kawamoto Former Staff writer, CNET News

Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.

See full bio

Dawn Kawamoto

Oct. 23, 2008 9:24 a.m. PT

Microsoft will issue a patch for a "critical" security flaw in Windows, the company said Thursday. The patch comes outside of its normal monthly patching cycle due to the severity of the issue.

The vulnerability can result in a remote code execution, in which malicious attackers could take control of a user's computer to launch code.

According to Microsoft's bulletin, the vulnerability is found in Windows 2000 with Service Pack 4, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Microsoft will hold a Webcast at 1 p.m. PDT to address the issue.

Issuing patches outside of its monthly cycle is rare for Microsoft. The last time it happened was April 2007, according to a Microsoft representative.