|
Virus Information Microsoft
Issues CRITICAL Security Updates
Please be advised that yesterday Microsoft released software updates -- three are rated as "CRITICAL" and one as "IMPORTANT" -- targeting more than 20 flaws or vulnerabilities in its Windows operating systems. The 3 CRITICAL updates cover a series of remote access and denial of service-type attacks that could be carried out within various aspects of Windows XP, 2000, NT4, Windows 98 and Server 2003, as well as an update for a flaw in Outlook Express 5.5 and 6. One of the most serious holes takes advantage of a weakness in the "Remote Procedure Call" mechanism -- a part of the operating system designed to allow a program running on one computer to execute code on another computer. Legitimately used, the tool allows desktops to access a network server, or central computer, for files. A flaw in the Microsoft Outlook Express email system could let a hacker seize files on a hard drive, according to Microsoft. The 1 IMPORTANT update affects the same versions of Windows, but plugs a remote code execution hole in the Jet Database Engine. (I don't have a clue what that means but trust that plugging the hole is a good thing.) These latest releases bring the number of updates since Microsoft began releasing its patches on a monthly basis last year to 14. Of these, seven have been identified as critical. None of the new vulnerabilities are being exploited YET but the patch for Outlook Express is cumulative and does include previously published fixes for vulnerabilities that are in the wild. Microsoft advises users to download and install the updates IMMEDIATELY! More information is available on the Microsoft site at this pinpoint URL:
back to Technology Content Index
Events
Calendar What's
New
|
|