, The Associated Press 2004-04-13
The patches, released as part of Microsoft's regular monthly update, apply to Windows editions dating to Windows 98, and affect server systems going back to Windows NT Server 4.0.
The repairs are aimed at preventing an unauthorized person from being able to install new programs or to view, change or delete data on someone else's computer.
Similar flaws resulted in the Blaster worm, which hobbled hundreds of thousands of computers worldwide last August.
A security expert predicted that the latest flaws could result in another such attack, perhaps as soon as two weeks from now. Windows users who install the patch would not be affected.
Marc Maiffret of Aliso Viejo, Calif.-based eEye Digital Security Inc., which discovered some of the flaws in September, criticized Microsoft for not taking quicker action.
Stephen Toulouse, Microsoft security program manager, said the company would release a patch sooner if it believed a flaw were being exploited. But Microsoft tries to release patches once a month to make it easier for customers to keep track, he said.
Since the beginning of the year, Microsoft has released 13 patches for critical updates to its software.