| |
CX2SA > VULNER 10.11.05 04:07l 54 Lines 2246 Bytes #999 (0) @ WW
BID : 58274_CX2SA
Read: GUEST
Subj: Microsoft warns of latest flaw
Path: DB0FHN<DB0FOR<DB0SIF<DB0EA<DB0RES<DK0WUE<7M3TJZ<CX2SA
Sent: 051110/0156Z @:CX2SA.LAV.URY.SA #:58274 [Minas] FBB7.00e $:58274_CX2SA
From: CX2SA@CX2SA.LAV.URY.SA
To : VULNER@WW
Microsoft warns of latest flaws
===============================
Microsoft warned Windows users of three critical flaws in its software and
urged them to install patches.
The security holes affect the way Windows handles certain graphic files.
If left unplugged, they could allow hackers and virus writers to take control
of personal computers remotely.
Users of Windows XP, Windows Server and an updated version of Windows 2000 are
advised to install a patch, which can be downloaded from the Microsoft website.
Hacker interest
---------------
Microsoft issued the patches as part of its monthly security bulletin, with the
most serious of the flaws awarded a 'critical' status.
The latest warning is related to how the operating system renders the Windows
Metafile (WMF) and Enhanced Metafile (EMF) image formats.
Two of them could potentially allow a hacker or virus writer to gain control
over a Windows PC, and security experts believe they may be exploited.
"It wouldn't surprise me if this didn't get the interest of the hacker
community," said Graham Cluley, senior technology consultant at net security
firm Sophos.
"It is interesting because a hacker could either direct someone to a website
containing one of these graphics or send an HTML e-mail containing one and that
would be enough," he said.
Microsoft began its monthly security bulletin in 2003 to make it easier for
users and those responsible for computer systems to install patches and keep
track of issues in its software.
***********************************************************************
* CX2SA:BBS CX2SA-6:CLUSTER CX2SA-7:WX CX2SA-8:APRS/DIGI/IGATE *
*---------------------------------------------------------------------*
* RF: 7.040 KHz TCP/IP: cx2sa.dyndns.org Port 23 CLUSTER: Port 9000 *
*---------------------------------------------------------------------*
* SysOp: Jose Maria Gonzalez Devitta * E-mail: cx2sa@adinet.com.uy *
* Minas * Lavalleja * URUGUAY * South America * [GF25JP] *
***********************************************************************
Read previous mail | Read next mail
| |