Its not such a quiet patch day for users of Microsoft Corp.s older operating systems.
The software giant on Tuesday updated two previously released bulletins to add critical security fixes for customers running Windows 98, 98SE and ME.
The decision to release patches for Windows 98 and ME users is described as a “bonus” because of the critical nature of the vulnerabilities being addressed, a Microsoft spokeswoman said. “Those products are out of lifecycle, but we made a commitment to provide critical updates, and thats what youre seeing.”
She said priority was given to rolling out patches for supported products. “After further testing on the out-of-lifecycle platforms, we updated the advisories.”
The patches cover two remote code execution vulnerabilities.
The first, MS05-002, fixes a hole in the cursor and icon format handling feature that could open the door for an attacker to take complete control of an affected system.
Microsoft also added patches to MS05-015 to protect users against a remote code execution vulnerability in the Hyperlink Object Library.
Original versions of the advisories were released during the January and February patching cycles.