Digital Edition

SYS-CON.TV
Microsoft Security Concerns Proliferate
Software-as-Sieve News Comes in Wake of Firefox Gains

Although the two stories are not directly related, it is interesting to see new reports of the seemingly endless Microsoft security holes coincident with the announcement that the Mozilla Firefox browser, designed to be very secure compared to Microsoft's Internet Explorer, continues to gain market share against Redmond.

Microsoft announced a total of eight security bulletins on Wednesday, April 13, with five of the vulnerabilities listed as "critical." The latter group encompasses Windows, Exchange Server, MSN Messenger, Word, and yes IE. All of them could theoretically let a attacker take control of individual systems, the company reported. Patches have been writeen and are available at the Microsoft site.

Here is a listing of the five critical problems:

* Security Bulletin MS05-019 affects Windows software for TCP/IP and concerns a vulnerability that could allow remote code execution and denial of service. Microsoft recommends the patch for users of Windows 2000 Service Packs 3 and 4, Windows XP Service Packs 1 and 2, Windows XP 64-bit Edition Version 2003 and Service Pack 1, and versions of Windows Server 2003, Windows 98 and Windows Millennium Edition.

* Security Bulletin MS05-020 involves a danger of remote code execution on Internet Explorer. The problem affects various versions of Explorer and versions of Windows 98, Millenium Edition, Windows Server 2003, Windows XP and Windows 2000.

* Security Bulletin MS05-21 deals with possible remote code execution attacks on Exchange Server. The vulnerability affects Exchange Server 2003, Exchange Server 2003 Service Pack 1 and Exchange 2000 Server Service Pack 3.

* Security Bulletin MS05-22 also involves a danger of remote code execution. It affects MSN Messenger 6.2. MSN Messenger 7.0 is not affected.

* Security Bulletin MS05-23 likewise is a remote code execution vulnerability. It affects Microsoft Word 2000, Works Suite 2001, Word 2002, Works Suite 2002, Works Suite 2003, Works Suite 2004 and Microsoft Office Word 2003.

Meanwhile, word has also come of an unpatched problem in Microsoft Office. Labeled "highly critical" by Secunia, an IT security firm, this one standa apart from the Elite Eight. It allegedly can fool unwitting users into opening a specially designed ".mdb" file in Microsoft Access.

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

A valuable conference experience generates new contacts, sales leads, potential strategic partners a...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, ...
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st I...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22n...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT...
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 20...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point wh...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by Fi...
Today, we have more data to manage than ever. We also have better algorithms that help us access our...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (No...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...