Microsoft to finally patch 17-year-old Windows bug

The update will also address a further 25 holes in Windows, five of which are rated as "critical," according to the company.

As well as fixing holes in many versions of Windows, the update also tackles bugs in Office XP, Office 2003 and Office 2004 for Apple Macintosh machines.

The February update for Windows will close the loophole that dates from the time of the DOS operating system. The vulnerability, first appeared on Windows 3.1, has been carried over into almost every version of Windows that has appeared since.

Google's security researcher Tavis Ormandy detected the ancient bug in January 2010, using a utility that allows newer versions of Windows to run very old programs. Ormandy has found a way to exploit this utility in Windows XP, Windows Server 2003 and 2008 as well as Windows Vista and Windows 7.

The bumper update is not the largest that Microsoft has ever released. The security update for October 2009 tackled a total of 34 vulnerabilities. Eight of those updates were rated as critical - the highest level.

In January 2010, Microsoft released an "out of band" patch for a serious vulnerability in Internet Explorer that was being exploited online. The vulnerability was also thought to be the one used to attack Google in China.

Also this week, a security researcher has reported the discovery of a flaw in Internet Explorer that allows attackers to view the files held on a victim's machine.