If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Update on the Critical Unpatched Windows Flaw - Washington post
Security Fix warned readers on Wednesday about thousands of malicious Web
sites that are using an unpatched Windows security hole to install spyware, spam-ware and other programs on computers when their owners merely browse to one of these sites. As serious as this situation is -- and it is hard to find a recent Windows threat as potentially dangerous as this one -- the problem may be more dire than initial reports suggested. For one thing, the vulnerability being exploited -- a flaw in the way the operating system renders Windows Metafile or "WMF" image files -- affects even fully patched Windows systems, and not just Windows XP and Windows 2003 Web server, as previously thought. According to an advisory published by Microsoft late Wednesday, the flaw is present in every Windows version dating back to Windows 98. Wednesday's Security Fix post on this threat was picked up by geek news site Slashdot, where several readers poo-pooed the exploit, saying that WMF files are hardly used anymore. Whether they are or not is beside the point: According to Symantec, the flaw can be exploited using more familiar image file extensions, such as ".gif" or ".jpg". What's more, this vulnerability could be exploited by causing an infected image file to be displayed in any software that relies on the flawed Windows WMF rendering engine. Put simply, that means the exploit would work if an user merely viewed one of these images in the preview pane of an e-mail application like Microsoft Outlook, or even one cut-and-pasted into an attached Microsoft Word document. |
Ads |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Windoes update failure | Dennis | Performance and Maintainance of XP | 3 | January 23rd 06 02:26 PM |
Network and Hardware config | Mike Jones | Windows XP Help and Support | 4 | November 23rd 05 04:47 PM |
Uninstall hotfixes and security updates to re-install XP SP2? | Mike | General XP issues or comments | 2 | November 2nd 05 05:38 PM |
Can't install Critical Update for Windows XP Media Center Edition2004 (KB838358) | Ant | Windows XP Help and Support | 7 | May 19th 05 03:21 AM |
WUP fials to update XP HighMAT | David Beardmore | The Basics | 0 | July 31st 04 05:22 PM |