Microsoft has re-issued another security patch that it originally published in August over a bug that can corrupt users' files. The patch is the third that Microsoft has had to fix from its August set.
Version 2.0 of MS06-049, "Vulnerability in Windows Kernel Could Result in Elevation of Privilege," was posted on Tuesday, the same day that Microsoft issued an emergency out-of-cycle patch to fix a VML flaw in Internet Explorer.
The original version of MS06-049 was designed to fix a security vulnerability that could allow attackers to take over a system. In September, Microsoft warned that the original version could corrupt files on NTFS-formatted drives when using Windows compression. Microsoft issued a hotfix earlier this month, which was only available to companies who individually contacted Microsoft support.
Version 2.0 of the patch includes the hotfix and fixes additional problems, Microsoft said. "This update resolves a newly discovered, publicly reported vulnerability and additional issues discovered through internal investigations," said an advisory. The issue affects Windows 2000 systems, Microsoft said. The other August patches that have been reissued are MS06-042, an Internet Explorer bug that was released three times, and MS06-040.
Following Tuesday's emergency IE patch, Microsoft said it is also investigating attacks targeting a previously undiscovered flaw in PowerPoint.