Microsoft Fixes Flaw In Vista
patches for Windows 2000, XP, and Server 2003
One of the 10 security updates -- MS06-061 -- applies to Windows Vista RC1, the last widely-distributed preview of the operating system. Unlike that bulletin's patches for Windows 2000, Windows XP, and Windows Server 2003, which were pegged as "critical" in Microsoft's four-step ranking, the Vista fix was labeled "important," one level below the top.
Neither the MS06-061 security bulletin nor the Knowledge Base article cited by the Vista update gave any further information about Vista, the patch's impact, or possible workarounds.
That, said Microsoft, was by design.
"We provide information in our security bulletins and associated knowledge base articles about security updates for released products," said a company spokesman. "Updates for pre-release products such as Windows Vista are provided through specific channels for that product."
Vista has been patched before. In January, it issued a Vista fix for the already-exploited Windows Metafile vulnerability, then seven months later, unveiled 2 of August's 12 updates for Windows Vista Beta 2. At that time, the Vista security team said it would continue to patch Vista through pre-release testing, but that the practice would end as soon as the OS was released to manufacturing.