Microsoft addresses several critical flaws

Microsoft addresses several critical flaws

Tags:    Internet Explorer   Microsoft   Microsoft Office   security bulletin   Windows   zero-day flaw

By Robert Westervelt | Oct 19, 2009

Microsoft issued 13 security bulletins Tuesday -- eight of them rated critical -- addressing zero-day flaws in Microsoft Server Message Block (SMB). Microsoft's regular update cycle fixed a record 34 vulnerabilities in Windows, Internet Explorer and Microsoft Office.

Security experts warned that users should work to get the SMB and IIS patches implemented immediately because attackers have already had access to the exploit code. In September exploit code surfaced on several websites targeting vulnerabilities in both the SMB and IIS; Microsoft issued an advisory recommending users deploy a workaround while its engineers produced and tested a fix.

Josh Phillips, a virus researcher at Kaspersky Lab called the SMB vulnerabilities the most alarming of the bulletins released Tuesday. In a statement, Phillips said the flaws were introduced as part of a Microsoft patch issued in 2007.

"What should be even more concerning for Microsoft, however, is the fact that the vulnerability affects Windows Vista and Windows 7 machines and not Windows XP, a peculiarity we would like not to be repeated," Phillips said.

In addition, the bulletins issued by Microsoft contained the first ever security update for the release-to-manufacturing version of Windows 7, addressing ActiveX control issues as a result of components built using a flawed version of Microsoft Active Template Library.

 
 
12345 > >>
This article originally appeared on SearchSecurity

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
 

Comments

Comments

WZZ Moscow big aion gold Buy

Submitted by WZZ WZZ on 2 November 2009 - 3:59pm.

WZZ

Moscow big aion gold
Buy wow gold market "permanently
www.game4power.com closed"
buy cheapest wow gold cause of the
aion gold under investigation
buy aion gold fire aion gold is still
cheap wow gold buy aion gold

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
The state of the Internet, Q4, 2011
Geography appears to play a role in frequency of observed attacks on specific ports. For example, Port 23 (Telnet) is a favorite target for attacks observed to be originating from South Korea and Turkey, where it accounted for more than five times the number of attacks targeting the next most popular port (445 in both countries). Other instances of geography-based port targeting include observed attacks centered on Port 1433 (Microsoft SQL Server) in China and on Port 80 (WWW/HTTP) in Indonesia.
 
 
 
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
StubHub: How to spot fraud before it happens
Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat.