Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Most sites are so over most people's heads and not at all people friendly. This site rocks - Carolina_Stardu  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



Microsoft Issues Patches for 15 Flaws

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Microsoft Issues Patches for 15 FlawsMicrosoft Issues Patches for 15 Flaws

Posted by: Tweaker
Date added: 09:06, 13th June 2007 GMT
Source: Beta News

Microsoft

Microsoft released six updates to address various issues across its products on Tuesday, including four which were rated critical, and three that affected Windows Vista.

The first is an important fix that addresses two issues within Microsoft's Visio product. The first is a remote code execution vulnerability in how the product handles a specially-crafted version number within a Visio file. The other revolves around an issue in how Visio handles parsing of packed objects.

In either case, a user would have to open an attachment from an e-mail or visit a specially crafted website, the advisory states.

Next comes a critical fix for issues within the Schannel security package which enables the SSL and TLS authentication protocols. Microsoft says that Windows 2000, XP and Server 2003 all have issues with how the OS validates server-sent digital signatures.

Vista is the target of a flaw rated "moderate," that could lead to information disclosure. According to the Microsoft advisory, non-privileged users could access local user information including administrative passwords which could then be used to gain complete access to the system.

Microsoft's new operating system is also vulnerable to critical flaws within Internet Explorer that has been issued as a cumulative security update. Altogether seven issues are addressed here, including COM object instantiation, CSS Tag, speech control, and uninitialized memory corruption flaws, plus language pack installation and navigation cancel page spoofing issues.

The issue would also affect Windows 2000, Windows XP, and Windows Server 2003.

The same operating systems are also vulnerable to issues with Outlook Express, which are addressed in a separate critical patch. Three separate information disclosure issues and a remote code execution vulnerability have been remedied.

Finally, a flaw in the Win32 API that puts users of Windows 2000, XP, and Server 2003 at issue for a code execution risk was fixed. A specially designed webpage can take advantage of this issue, Microsoft said in the advisory.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]