Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Three critical vulnerabilities addressed in latest MS Patch release

Symantec : 12 November, 2009  (Technical Article)
Six security bulletins have been released by Microsoft which Symantec recommends implementation to plug critical vulnerabilities
This month, Microsoft issued six security bulletins which address 15 vulnerabilities, three of which Microsoft has rated as critical.

"The Embedded OpenType font kernel vulnerability is the most serious in our opinion," said Ben Greenbaum, senior research manager, Symantec Security Response. "Not only is proof-of-concept exploit code publicly available, but all that's required of a user to become infected by it is simply viewing a compromised Web page. Symantec isn't seeing any active exploits of this in the wild yet, but we think attackers will be paying a lot of attention to it in the future."

"Originally it was thought exploiting this vulnerability would only result in a denial of service type attack," Greenbaum added. "But we now know it can result in an attacker running malicious code on a user's machine. Because it's at the kernel level, it doesn't matter what system privileges the logged-in user has at the time of exploit, the entire system is at risk. This all makes it a potentially more lucrative vulnerability for attackers to exploit."

Symantec strongly encourages users to patch their systems against all vulnerabilities addressed this month. In addition, enterprises are encouraged to consider implementing an automated patch management solution to help mitigate risk.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo