Digital Edition

SYS-CON.TV
Microsoft Security Concerns Proliferate
Software-as-Sieve News Comes in Wake of Firefox Gains

Although the two stories are not directly related, it is interesting to see new reports of the seemingly endless Microsoft security holes coincident with the announcement that the Mozilla Firefox browser, designed to be very secure compared to Microsoft's Internet Explorer, continues to gain market share against Redmond.

Microsoft announced a total of eight security bulletins on Wednesday, April 13, with five of the vulnerabilities listed as "critical." The latter group encompasses Windows, Exchange Server, MSN Messenger, Word, and yes IE. All of them could theoretically let a attacker take control of individual systems, the company reported. Patches have been writeen and are available at the Microsoft site.

Here is a listing of the five critical problems:

* Security Bulletin MS05-019 affects Windows software for TCP/IP and concerns a vulnerability that could allow remote code execution and denial of service. Microsoft recommends the patch for users of Windows 2000 Service Packs 3 and 4, Windows XP Service Packs 1 and 2, Windows XP 64-bit Edition Version 2003 and Service Pack 1, and versions of Windows Server 2003, Windows 98 and Windows Millennium Edition.

* Security Bulletin MS05-020 involves a danger of remote code execution on Internet Explorer. The problem affects various versions of Explorer and versions of Windows 98, Millenium Edition, Windows Server 2003, Windows XP and Windows 2000.

* Security Bulletin MS05-21 deals with possible remote code execution attacks on Exchange Server. The vulnerability affects Exchange Server 2003, Exchange Server 2003 Service Pack 1 and Exchange 2000 Server Service Pack 3.

* Security Bulletin MS05-22 also involves a danger of remote code execution. It affects MSN Messenger 6.2. MSN Messenger 7.0 is not affected.

* Security Bulletin MS05-23 likewise is a remote code execution vulnerability. It affects Microsoft Word 2000, Works Suite 2001, Word 2002, Works Suite 2002, Works Suite 2003, Works Suite 2004 and Microsoft Office Word 2003.

Meanwhile, word has also come of an unpatched problem in Microsoft Office. Labeled "highly critical" by Secunia, an IT security firm, this one standa apart from the Elite Eight. It allegedly can fool unwitting users into opening a specially designed ".mdb" file in Microsoft Access.

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical ...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience w...
NanoVMs is the only production ready unikernel infrastructure solution on the market today. Unikerne...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the m...
SUSE is a German-based, multinational, open-source software company that develops and sells Linux pr...
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are rep...
Technological progress can be expressed as layers of abstraction - higher layers are built on top of...
When building large, cloud-based applications that operate at a high scale, it’s important to mainta...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, disc...
Big Switch's mission is to disrupt the status quo of networking with order of magnitude improvements...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism...
Dynatrace is an application performance management software company with products for the informatio...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
All in Mobile is a mobile app agency that helps enterprise companies and next generation startups bu...
Yottabyte is a software-defined data center (SDDC) company headquartered in Bloomfield Township, Oak...
Serveless Architectures brings the ability to independently scale, deploy and heal based on workload...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it wil...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the c...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (No...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...