Researchers from eEye Digital Security have reported a vulnerability in numerous Microsoft Windows operating systems.
The disclosure came on the heels of Microsoft’s release this week of an early patch for a vulnerability in the way Windows handles animated (ANI) files. eEye had released a third-party patch for that flaw.
The flaw affects Windows 2000, 2003 and XP operating systems, and was reported to Microsoft on March 27, according to the eEye advisory.
Sean Martin, eEye director of product marketing, told SCMagazine.com today that the flaw has not yet been exploited in the wild.
A Microsoft spokesperson said today that the company is investigating reports of the flaw, but is not aware of any attacks attempting to use it.
The highest severity rating for any of these flaws is "critical," according to Microsoft.
Some researchers have expressed displeasure with Microsoft’s patching procedures, suggesting the Redmond, Wash. company should alter its long-standing monthly patch release schedule.
Click here to email Online Editor Frank Washkuch Jr.