Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

MS patch release underlines increased internet security risks

McAfee : 11 September, 2008  (Technical Article)
Vulnerabilities closed in latest Microsoft patch relate to exploits triggered by visiting malicious websites
Yesterday Microsoft released four security bulletins that covered a total of eight vulnerabilities. All four of the bulletins were rated critical by Microsoft.

While all bulletins were critical, McAfee deemed those addressing vulnerabilities in the Microsoft Graphics Device Interface (GDI+), a Windows component used to process image files, and Windows Media Player 11 the most urgent. The vulnerabilities addressed by these updates
(MS08-052 and MS08-054, respectively) could be exploited if a user viewed a rigged image or streamed a malicious media file from the Web.

'The bulk of the vulnerabilities addressed by Microsoft's fixes yesterday could be exploited if a Windows user simply visits a malicious Web site,' said Dave Marcus, security research and communications director at McAfee Avert Labs. 'Criminals are increasingly using the Web to deliver malicious software. In such drive-by downloads an attacker places malware onto a vulnerable computer without the user noticing it. Microsoft's patches again underline the risk of surfing the Web unprotected.'

All of the vulnerabilities addressed by Microsoft yesterday could allow attackers to take complete control over a computer running the vulnerable software. The image handling vulnerabilities in particular are likely to be exploited in cyberattacks.

'Microsoft has repeatedly had to fix problems related to the Graphics Device Interface in Windows and vulnerabilities in the component have been exploited broadly in the past. We can expect that security researchers will be looking to reverse engineer yesterday's patches, which may very well lead to many more exploits being created,' said Marcus.

McAfee recommends that home users install Microsoft's patches as soon as possible. Home users should use Windows Automatic Updates.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo