Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
A "critical" out-of cycle security update released by Microsoft on Tuesday fixes the animated cursor vulnerability that potentially allowed attackers to take control of a system.
The flaw is often called the ANI vulnerability, as it relates to animated cursor files, which normally have the .ani suffix.
Exploits are relatively widespread, so applying the patch is an urgent matter. Security companies have detected several different attacks from hundreds of sites.
For example, security vendor Websense says it has found one particular attack has been installed more than 450 compromised web sites, resulting in "tens of thousands of pages with exploit code links on them" to silently install a generic password stealer when people visit the pages.
Yet Microsoft security program manager Christopher Budd wrote in the Microsoft Security Response Center Blog "We have been monitoring the situation throughout and our indications, and those of our MSRA partners, show there is a threat for attacks against this vulnerability to increase although we haven’t seen anything widespread. Based on customer feedback and our teams’ ability to complete testing in an expedited manner by working around the clock, we’ve gone ahead and released this update early to help better protect customers from this threat."
The update patches other, less severe vulnerabilities in Windows' Graphics Device Interface (GDI) code. Most allow privilege elevation and are rated "important"; one allows a malformed WMF file to freeze or possibly restart a system.
Tuesday's patch applies to Windows 2000, XP, Server 2003 and Vista. It can be downloaded from Microsoft's web site (via this page) or installed through Software Update.
One problem with the patch has already been identified - it conflicts with the Realtek HD Audio control panel. A hotfix is available from Microsoft.
The regular Patch Tuesday is scheduled for next week and Microsoft still expects to release updates on that day, though no details have been released yet.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
