Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Six critical vulnerabilities addressed by Microsoft

Symantec : 10 September, 2009  (Technical Article)
Symantec comments on the latest patch release for September released by Microsoft which includes six critical vulnerability bulletins
This month, Microsoft has issued five security bulletins which address eight vulnerabilities, six of which are rated as critical.

"We've seen similar exploits in the past and all a user would have to do is visit a compromised Web site hosting one of these malicious files, which could be an MP3, WMA or WMV file, and they could become infected," said Ben Greenbaum, senior research manager, Symantec Security Response

The ability for an attacker to leverage this is dependent on their physical proximity to a potential victim, as they must be within wireless radio range. As such, if the vulnerability is left un-patched the only protection a user would have against this threat would be to not turn their wireless connectivity on.

A further point of interest in this announcement was that a patch was not announced for the Internet Information Services vulnerability made public last week.

"Until a patch for this is issued, as a temporary workaround we suggest IT administrators using IIS 5.0 and 6.0 turn off anonymous write access immediately. We also recommend using a firewall and restricting access to creating directories. Those using IIS 7.0 with FTP Service version 6.0 installed should upgrade to FTP Service version 7.5," Greenbaum added.

Symantec strongly encourages users to patch their systems against these vulnerabilities. In addition, enterprises are encouraged to consider implementing an automated patch management solution to help mitigate risk.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo