iTWire - September Patch Tuesday: a critical day for media files at Microsoft

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

September Patch Tuesday: a critical day for media files at Microsoft

September Patch Tuesday: a critical day for media files at Microsoft

E-mail

by Stephen Withers
Wednesday, 10 September 2008
Page 2 of 3 The developer tools listed are not of themselves vulnerable to the issue, but are provided so that applications developed with them can be rebuilt without the flaw. Featured Whitepaper 5 Best Practices for Smartphone Support Not only does the update install a new version of the gdiplus.dll file, it also includes a Windows Side by Side Cache rule to prevent applications requesting and receiving an older version that still contains the flaw. The Side by Side Cache is designed to accommodate applications that request a particular version of a DLL, but such rules allow the normal behaviour to be overridden when it is determined that previous versions include a significant vulnerability. While this does open the possibility that an application might fail if it really does depend on a specific version of a DLL, the old saying "better safe than sorry" is applied. The second vulnerability involves audio files played by Windows Media Player. It can be exploited by streaming a maliciously crafted file from a Windows Media server to Windows Media Player. It's probably a little harder to tempt victims to listen to a particular playlist than it is to get them to visit a web page, so in one sense this is probably less serious than the GDI+ issue. However, it still has a critical rating. The flaw is present in Windows Media Player 11. Earlier versions are not affected. Once again. an exploit only has the same rights as the user, so running as an administrator increases the scope of a successful exploit. Vulnerabilities in Office and Windows Media Encoder - see page three . << First page < 1 2 3 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking