Microsoft fixes 17 vulnerabilities

by Stephen Withers

Thursday, 14 February 2008

Page 1 of 2 ! A quiet January has been followed by a busy February for administrators of computers running Microsoft's operating systems and Office applications. A total of 17 vulnerabilities are addressed by 11 bulletins issued this week. The six critical bulletins relate to Windows, Office, Visual Basic, and Internet Explorer. They all allow remote code execution, but according to Microsoft officials only one has been publicly reported. One or more critical bulletins relate to every currently-supported version of Windows from 2000 to Vista. There are also critical bulletins for Office 2004, Visual Basic 6, Office 2000, Word 2000, and Office Publisher 2000. The most serious could be a flaw in the WebDAV Mini-Director (a component of Windows from XP through to Vista) as it runs with system privileges and therefore a successful exploit gives the attacker full control of the computer. "While the batch of critical vulnerabilities all require some sort of user interaction to exploit, the interaction can be as simple as visiting a trusted Web site that has first been exploited by an attacker," said Ben Greenbaum, senior research manager, Symantec Security Response. "As consumers and enterprises become more savvy to security risks, attackers are leveraging alternative means to distribute malware through these trusted sites in addition to distributing via an attachment or random link in an email." CONTINUED << First page <   1 2 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751