The Broadband Guide
SG
search advanced

Microsoft plugs critical Windows, Office holes

2010-07-13 14:50 by
Tags: ,

 

Microsoft issued four security bulletins on Tuesday to fix five holes in Windows and Office, including a critical vulnerability in a Windows Help and Support Center feature that has been targeted by attacks.

The vulnerability in the online help feature, which is delivered with supported editions of Windows XP and Windows Server 2003, could allow an attacker to take control of a computer by luring a computer user to a malicious Web site. The bulletin has a severity rating of "critical" for Windows XP and "low" for Windows Server 2003, according to the advisory.

Microsoft and others criticized Google researcher Tavis Ormandy for publicly disclosing the hole before the software giant had a chance to develop a fix. Within days of the disclosure, there were attacks discovered that exploited the hole.

"Of the zero-day vulnerabilities patched today, we're only seeing one be exploited in the wild," said Joshua Talbot, security intelligence manager at Symantec Security Response. "In just the few weeks since the Help and Support Center issue came to light, three public exploits have surfaced, all using different attack mechanisms. We saw attack activity begin increasing on June 21, but it's since leveled out."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About