Patch for critical Windows vulnerability coming

Software maker says a fix is coming on Patch Tuesday for an unspecified hole in various operating-system versions that could allow a hacker to gain control of a computer remotely.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Jan. 9, 2009 10:54 a.m. PT

Updated January 9 to clarify that vulnerability is critical for some of the software and moderate for other Windows versions.

Microsoft will issue a patch on Tuesday for Windows vulnerability that could allow a hacker to gain control of a computer remotely, the company said in an alert on Thursday.

Microsoft also plans to host a Webcast at 11 a.m. PST as part of Patch Tuesday, which comes the second Tuesday of every month. There will be just one security update.

The vulnerability is considered critical for Windows 2000, Windows XP, Windows Server 2003, and moderate for Windows Vista and Windows Server 2008, Microsoft said.

The software maker will also release nonsecurity updates on Windows Update and Windows Server Update Services, as well as an updated version of the Microsoft Windows Malicious Software Removal Tool.