This flaw also affects Windows XP, Server 2003, Vista, Server 2008, Windows 7, and Server 2008 R2 - but Microsoft considers the flaw a low-risk in those operating systems.
Security managers who have been paying attention may had of been expecting a fix for the potential denial-of-service condition in Windows 7 (and Windows Server 2008 R2) that was announced publicly by a security researcher about two months ago. From Thomas Claburn's story, Microsoft Investigating Zero-Day Windows 7 Flaw on the impact:
"The operating system actually freezes," he said [Simon Price, writing for the Praetorian Perfect blog]. "There is no error message, no blue screen of death, no indication that anything has gone wrong. Even after power cycling, the event logs show no sign of a mishap, aside from the typical events generated from booting up again."
A fix for this flaw wasn't in the Advanced Notification Bulletin, so we'll probably have to wait until at least next month for a fix, unless Microsoft releases something in the meantime.
While today is what has become known as "Patch Tuesday" for Microsoft customers, the most important patches today may come from Adobe and Oracle.
Adobe is set to publish a fix for a Zero Day vulnerability in its PDF format that has been the target of attacks recently.
For its part, according to this pre-patch announcement, Oracle plans to publish two dozen security patches today. More than one-third of the patches are for Oracle's Database Server, with others for Application Server, Applications Suite, among others.
For security managers, today will be a busy one, as they scramble to dispatch more than two-dozen patches for three vendors.