Technology news and Jobs 
Information Technology News New zero day attack hits Microsoft PowerPoint
Information Technology News New zero day attack hits Microsoft PowerPoint | New zero day attack hits Microsoft PowerPoint |
|
| by Stan Beer | |
| Thursday, 28 September 2006 | |
  
Featured Whitepaper
5 Best Practices for Smartphone Support
According to the Microsoft Security Advisory, the attack is not quite as critical as the previous zero-day Internet Explorer VML exploit as users can't be attacked unless they open a malicious PowerPoint file sent to them as an attachment. With the previous exploit computers could be infected simply by visiting a maicious website or users opening malicious HTML emails. As usual, Microsoft issued its standard warning about not opening attachments from unknown sources. However, the new zero-day exploit highlights a growing problem for the world's largest software company. For practical purposes, Microsoft has for some time had in place a cyclical security plugging system that has come to be known as Patch Tuesday, in which patches are broadcast to the global user community on the second Tuesday of every month. Unfortunately for Microsoft users, malicious attackers have now tapped into Microsoft's patching rhythm and save up their exploits of newly found vulnerabilities for the period immediately following Patch Tuesday. Thus, an increasing number of zero-day exploits either have a full month in which they can attack unprotected systems or, if the exploit is critical enough, they force Microsoft into releasing an early patch as was the case with yesterday's Internet Explorer fix. Microsoft has stated that it may issue an out of cycle patch if the exploit is deemed serious enough.{moscomment} |
Tags
| < Next story in category | Previous story in the category > |
|---|
