Home | Community | Message Board


This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: PhytoExtractum Kratom Powder for Sale   Left Coast Kratom Buy Kratom Capsules

Jump to first unread post Pages: 1
InvisibleDiploidM
Cuban

Folding@home Statistics
Registered: 01/09/03
Posts: 19,274
Loc: Rabbit Hole
Microsoft Patches Seven Critical Security Holes
    #6283705 - 11/14/06 07:40 PM (17 years, 2 months ago)

Here we go again...

--

November 14, 2006 (Computerworld) -- Microsoft Corp. today released six security bulletins detailing patches for nine separate flaws across several of its products as part of its monthly updates for November.

Seven of the flaws were rated "critical" by the company, while the other two were rated "important."

The most dangerous of the vulnerabilities in this month's batch is a flaw in Microsoft's Workstation Service memory, according to security vendor Symantec Corp. The flaw is remotely executable and allows attackers to potentially take complete control of compromised systems to create new user accounts, install programs and view, modify or delete data.

"A successful exploitation of this vulnerability could result in a complete system compromise," Symantec said in its advisory. "This issue can be exploited by remote anonymous attackers on Windows 2000, Windows XP and possibly Windows Server 2003 systems." Symantec added that a wide variety of component technologies and services are affected by this issue.

A remotely exploitable flaw in Microsoft XML Core Services poses another critical threat to enterprises because it has already been publicly disclosed, said Michael Sutton, security evangelist at Web application security firm SPI Dynamics Inc.

As with the Workstation Service flaw, attackers who successfully exploit this vulnerability could take complete administrative control of systems, Microsoft said in its advisory. Enterprises need to make patching this flaw a top priority because public exploits have already started becoming available, Sutton said.

Also important from an enterprise standpoint is the cumulative update Microsoft issued today to fix three separate remotely exploitable vulnerabilities in Internet Explorer, Sutton said. Two of the flaws addressed in the bulletin -- both involving DirectAnimation ActiveX controls -- have already been publicly disclosed, and exploit code for them has begun circulating, he said.

November's security update is smaller than others this year in terms of the overall number of patches announced, according to Mark Allen, data manager at Shavlik Technologies LLC. "But the percentage that are critical and remotely exploitable is still pretty high," he noted. Patches for those are definitely worth deploying as quickly as possible, he said.

All of the flaws addressed by the current set of fixes -- except for the one in Workstation Service -- can be exploited over the Internet, though they require users to either go to malicious Web sites or click on malicious e-mails, Allen said.

The Workstation Service flaw, on the other hand, only requires an attacker to send a specially crafted packet to the network to be exploited, he said. "The potential for exploiting this one is pretty high," he added.

http://www.computerworld.com/action/arti...8&intsrc=kc_top


--------------------
Republican Values:

1) You can't get married to your spouse who is the same sex as you.
2) You can't have an abortion no matter how much you don't want a child.
3) You can't have a certain plant in your possession or you'll get locked up with a rapist and a murderer.

4) We need a smaller, less-intrusive government.


Extras: Filter Print Post Top
Offlinenobhdy
ETNAV
Male

Registered: 05/12/06
Posts: 1,401
Loc: CT
Last seen: 9 years, 6 months
Re: Microsoft Patches Seven Critical Security Holes [Re: Diploid]
    #6284415 - 11/14/06 10:36 PM (17 years, 2 months ago)

hmmm time to update, eh?


--------------------
[quote]Gumby said:
And if you are going to waste peoples time with your stupid questions, at least try to have grammar skills higher then that of a 7th grader.

READ DAMNIT! [/quote]


Extras: Filter Print Post Top
OfflineSeussA
Error: divide byzero

Folding@home Statistics
Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 2 months, 19 days
Re: Microsoft Patches Seven Critical Security Holes [Re: nobhdy]
    #6284461 - 11/14/06 10:53 PM (17 years, 2 months ago)

I can't wait until Vista comes out and there is no longer any worry about bad people taking advantage of bugs in the operating system.  (MS's Allen recently stated that there was no need for anti-ware with Vista 'cause it is sooooo secure.  I suppose most products are pretty secure before being released to the public :rolleyes:)


--------------------
Just another spore in the wind.


Extras: Filter Print Post Top
Offlinenobhdy
ETNAV
Male

Registered: 05/12/06
Posts: 1,401
Loc: CT
Last seen: 9 years, 6 months
Re: Microsoft Patches Seven Critical Security Holes [Re: Seuss]
    #6285092 - 11/15/06 07:32 AM (17 years, 2 months ago)

just updated :laugh:


--------------------
[quote]Gumby said:
And if you are going to waste peoples time with your stupid questions, at least try to have grammar skills higher then that of a 7th grader.

READ DAMNIT! [/quote]


Extras: Filter Print Post Top
Jump to top Pages: 1

Shop: PhytoExtractum Kratom Powder for Sale   Left Coast Kratom Buy Kratom Capsules


Similar ThreadsPosterViewsRepliesLast post
* Microsoft Issues Patch for 'Critical' Windows Secu Mojo_Risin 1,150 4 11/21/02 06:44 PM
by Mojo_Risin
* New Worm Installs Patches wingnutx 1,165 10 08/21/03 06:34 PM
by wingnutx
* Shroomery security concern Elektrolurch 1,844 2 11/13/01 05:32 AM
by Elektrolurch
* Computer Security dog 1,369 10 12/22/03 03:31 PM
by dog
* Your opinion on Windows XP SP2
( 1 2 all )
Fliquid 3,696 28 02/08/05 12:09 AM
by Fliquid
* removing possible security holes Doomhammer 1,386 1 07/17/01 12:51 PM
by mm.
* Security hole in php gives remote access SeussA 957 1 03/01/02 11:16 AM
by PGF
* Microsoft Encourages Spyware Officially Huehuecoyotl 828 5 07/09/05 07:17 PM
by moog

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: trendal, automan, Northerner
1,032 topic views. 0 members, 1 guests and 3 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.021 seconds spending 0.005 seconds on 12 queries.