[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 6 January 2006, 11:45 GMT
Microsoft rushes out Windows fix
Windows XP, Getty Images
The severity of the bug has forced Microsoft to move quickly
The severity of a recently discovered bug in Windows has made Microsoft release a patch for the loophole early.

Originally Microsoft was due to release the patch on 10 January as part of its regular monthly security updates.

But the number of malicious hackers preparing to exploit the bug has led the software giant to speed up the release.

Before Microsoft produced its patch, users had been relying on unofficial fixes to protect themselves.

Attack vector

The fix now available closes a loophole found in the way that many versions of Windows handle certain types of images.

By putting exploit code in webpages or e-mail attachments, the loophole could be used to take over a Windows PC or install spyware that could be used to gather confidential information.

Vulnerable versions of Windows include include ME, 2000, XP and Server 2003.

The Windows Meta File vulnerability was first found on 27 December and Microsoft was planning to fix the problem in the scheduled security update that usually takes place on the second Tuesday of every month.

In the interim, expert Windows programmer Ilfak Guilfanov produced an unofficial patch but many found it hard to get hold of this fix as the site hosting it was regularly overwhelmed by users keen to protect themselves.

Initially Microsoft played down the discovery of the bug and said there was little evidence that malicious hackers were moving to exploit it.

However, as tools began circulating online that made it much easier to craft code to exploit the bug many security experts feared that a major incident was imminent.

Security firms reported that attacks mounted via the bug were starting to stack up.

Microsoft said it brought forward the release of the patch because of "strong customer sentiment that the release should be made available as soon as possible".

Users were urged to download and apply the patch and update anti-virus and anti-spyware programs immediately.

Windows bug awaits Microsoft fix
04 Jan 06 |  Technology
Sites exploit Windows image flaw
29 Dec 05 |  Technology
Criminals target viruses for cash
28 Dec 05 |  Technology
Holes found in PC virus defences
19 Dec 05 |  Technology
Browser users urged to patch up
14 Dec 05 |  Technology
Microsoft warns of latest flaws
09 Nov 05 |  Technology


The BBC is not responsible for the content of external internet sites


Americas Africa Europe Middle East South Asia Asia Pacific