No, this is not a reposted article:
“Microsoft alerted PC users to three critical security flaws in Internet Explorer and Windows [today], as the MSBlast worm and its variants used a previous vulnerability in Windows to spread across the Net for a second week. The software giant released a cumulative patch for Internet Explorer that fixes several vulnerabilities previously disclosed by the company, and it re-released an advisory for Microsoft’s SQL Server software, warning that a flaw in that program actually affects most Windows users,” reports Robert Lemos for CNET News.com
Lemos explains, “Users who don’t patch their systems could leave the computers open to attack through a fake Web page or an HTML e-mail that contains the specific exploit code, said Stephen Toulouse, security program manager for Microsoft’s security response center. ‘The Internet Explorer bulletin is rated as ‘critical’ across all platforms except Windows 2003,’ Toulouse said. A critical rating is the highest grade that Microsoft assigns to its alerts.”
“The other critical vulnerability affects all supported versions of Windows and was originally thought to be a vulnerability in Microsoft’s SQL Server but is, in fact, a flaw in the omnipresent Microsoft data access component (MDAC). Windows 2003 doesn’t have the vulnerable software installed by default, but a user could have downloaded the programs and so could be vulnerable,” Lemos reports.
Full article here.