Microsoft announced that a critical vulnerability was recently discovered and decided to release an immediate security update for all supported versions of Windows. The news surfaced on Wednesday and just two days later the solution was available.

The company’s policy is to release a new security patch on the second Tuesday of each month but considering the present situation, waiting for three more weeks was not an option.

At first, Microsoft did not release many details about the problem, stating through its advanced notification bulletin only that it was critical on Windows 2000, Windows XP and Windows Server 2003 and also tagged it as important on Windows Vista and Windows Server 2008.

Once the patch was out, the company explained through a detailed post the entire thing. The company’s critical MS08-067 bulletin explained the situation: ”The vulnerability is due to the service not properly handling specially crafted RPC requests. An attacker who successfully exploited this vulnerability could take complete control of an affected system.”

He could then install programmes or view, change, or delete data; or create new accounts with full user rights, Microsoft explained.

The flaw is connected to the Windows Server service, more precisely its implementation of "remote procedure call" (RPC), a communications technology deeply embedded in the Windows operating system which allows the execution certain processes from remote programs. These types of vulnerabilities are very dangerous, enabling attackers to infest machines extremely fast with malicious software.

The last time that Microsoft had to address such a critical issue on short notice was back in April 2007 when the company fixed a bug exploited in attack code hosted on hundreds of Web sites.