Microsoft Plugs Critical Windows Security Hole
Microsoft today issued two software updates to remedy security vulnerabilities in its Windows operating systems, including one that criminal groups have been targeting lately to break into and steal data from vulnerable machines.
One of the patches fixes a critical flaw found in Windows XP and Windows Server 2003 systems that also have Internet Explorer 7 installed. This vulnerability is not present in Windows Vista. For more than a month now, cyber criminals have been blasting out spam e-mails containing malicious links or Adobe PDF documents that try to install spyware programs when users click the links or open the files.
The PDF attacks first surfaced about a month ago, after Adobe issued a patch to prevent PDFs from being used to exploit the Windows flaw. Experts said virus writing groups quickly disassembled that patch to pinpoint the weakness, which is caused by the way certain Windows installations validate things like malformed Web links.
The second problem Microsoft addressed today affects Windows Server 2003 and Windows 2000 Server systems, versions of Windows not typically used by the average home user.
Posted by: PJ | November 13, 2007 2:49 PM | Report abuse
Posted by: Patton | November 13, 2007 2:59 PM | Report abuse
Posted by: Bk | November 13, 2007 3:47 PM | Report abuse
Posted by: TJ | November 15, 2007 4:01 PM | Report abuse
The comments to this entry are closed.