New Microsoft Update Patches Big Holecontent
\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\fightid_logo.gif){kind=logo}
skip to Fight Identity Theft \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\rss.gif)
ProtectionDetectionRecovery HomeBlogAboutContact Subscribe \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\print.gif){kind=small}
Printer Friendly Share this Page HomeBlogNovember, 2009 New Microsoft Update Patches Big Hole\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\microsoft-windows-exploits.jpg)
Microsoft launched an update Tuesday to patch about jade holes in Windows 2000, Windows XP, Windows Server and Office. While most of the patches are related to various Word and Excel, or Windows Server issues, a critical vulnerability was found within the Windows OS kernel-a fairly storm occurrence.
The Big HoleThe Windows kernel is the core of the operating system and the flaw is related to how embedded font files are processed. We ' re not going to get into the technical mumbo jumbo here, so we'll just tell you that the problem-if exploited-would allow malicious code to be passed directly to the system, bypassing any browser defenses that have been created to stop this sort of attack. The code could be downloaded just by visiting a web page prepared by hackers. With the increase of URL shorteners being used as well as advertising attacks, it's easier than ever to be accidently exposed to some nasty code.
Microsoft rated the kernel flaw as critical and gave it an exploitability ranking of 1. This means that Microsoft expects there to be a working exploit within 30 days and is " similar to SEVERE-Severe risk of terrorist attacks on the Homeland Security advisory system (if anyone is actually ' paying any attention to that any more).
Researchers agree that the bad guys are going to move quickly:
"An exploit will appear sooner rather than later," said Jason Miller, the security and data team manager for patch management vendor Shavlik Technologies. "The target is Internet Explorer and browsing is the number one attack vector in the world right now. Users can be infected simply by browsing on a [malicious] Web site.
So this is a big hole that can do some nasty things on unpatched computers.
The SolutionTake the following steps to protect your computer:
Set your computer to automatically download Microsoft updates.Run updates immediately or just set the system to install them automatically.Reconsider using Internet Explorer as your browser of choice. The same problem will not occur using Firefox or other non-IE browsers.How to Update Windows AutomaticallyWindows XPTo set your PC to update automatically in Windows XP, simply access the Control Panel in the start menu, click "Automatic Updates" and choose "Automatic."\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\screen_windowsxp_security.jpg)
For Vista, open Windows Update in the start menu, select "Change Settings" and then select "Install updates automatically."\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\screen_vista_security.jpg)
More information can be found at Computer World and The Washington Post's Security Fix blog.
November 11, 2009 0 Categories Technology comments Viruses Worms Share This Page:\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\email.png){kind=small}
Email \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\facebook.png){kind=small}
Facebook \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\google.png){kind=small}
Google \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\twitter.png){kind=small}
Twitter \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\myspace.png){kind=small}
MySpace \ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\digg.png){kind=small}
Digg Connect With Us We invite you to become a fan of Fight Identity Theft or just join in the discussion. You can find us on Facebook or Twitter.
\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\follow-us-on-twitter-graphic.gif)
Fight Identity Theft Newsletter
Enter your email address and keep up to date. More info | Unsubscribe
Subscribe to our RSS feed May, 2010 (1) April 19, 2010 (1) February, 2010 (1) January, 2010 (3) December, 2009 (1) March 26, 2009 (5) October, 2009 (6) September, 2009 (2) August, 2008 (3) April, 2009 (2) February, 2009 (3) January 27, 2009 (8) in December, 2008 (8) in March, 2008 (1) January 27, 2008 (1) December, 2007 (3) November, 2007 (2) January, 2007 (3) May, 2006 (1) April, 2006 (4) November, 2006 (4) November, 2006 (10) January, 2005 (7) July, 2005 (3) in June, 2005 (4) May, 2005 (5) December, 2005 (1) Credit (12) Fraud (38), Government (21) Identity Theft (39) Junk Mail (5), Phishing (13) Privacy (19) Scam (32), Technology (52) Telemarketing (2), Viruses (11) Visitor Stories (1) Worms (11) Navigation Protection Detection Recovery Home Blog About us © 2001-2010 Fight Identity Theft Privacy policy Disclaimer Contact us Site map Link to this site Other resources Over 3 million visitors served. As seen in:\ABS\Auto Blog Samurai\data\Identity Theft Review\fightidtheftrss\press_logos.gif)
No comments:
Post a Comment