Microsoft Releases Critical Security Patch to Prevent Unauthorized Code Execution

On October 12, Microsoft released a critical security patch (MS04-032) that corrects four vulnerabilities in selected versions of Windows XP and Windows Server 2003. The vulnerabilities could permit unauthorized control of an exploited computer or a denial of service against an exploited computer. It is strongly recommended that this operating system patch be applied.

One of the four vulnerabilities is related to mishandling of Windows Metafile (WMF) and Enhanced Metatfile (EMF) images. Users are advised to use caution prior to opening up email file attachments possessing a WMF or EMF format ? particularly unsolicited files. Please see http://www.microsoft.com/technet/security/Bulletin/ms04-032.mspx for further information. Due to the large number of recently released Microsoft critical security patches, it is recommended that you verify that all outstanding Microsoft critical patches are applied by using your Internet Explorer Web browser to visit: http://www.windowsupdate.com.

10/20: Update: we have received reports that before installing this patch to Dell Optiplex GX-150 and GX-150 computers running Windows 2000, the Intel Ultra ATA storage driver (IntelATA.sys) may need to be uninstalled. Otherwise the computer may not reboot properly. Booting the computer to safe mode and using the Control Panel Add/Remove programs function to uninstall the driver should resolve the problem.