Computer Help Community


Cyber Tech Help Community

New Tutorials

PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   If you only have time for one windows support site, mark CTH down as your place to go. Hey it's in my favorites folder - Jethro  Close Member Quote
Member Testimonials


Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Cyber Tech Help Community

To the top of the page to top


Computing News | Fixes in for Windows 2000, Adobe Reader

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 09:46 Wednesday, 13th January 2010 GMT
Source: C/Net News


Microsoft patched a critical hole in Windows 2000 on Tuesday that could allow an attacker to take control of a computer if a user viewed a maliciously crafted Embedded OpenType font in Internet Explorer, Office PowerPoint, or Word.

The security bulletin is rated "low" severity for Windows 7, Vista, XP, Server 2003, and Server 2008 operating systems, according to the Microsoft advisory, which gave credit for discovering the vulnerability to a Google researcher.

According to Microsoft's Exploitability Index, the hole is rated "2" which means "inconsistent exploit code likely" while "exploitation of systems running Windows XP and later operating systems is unlikely." More technical details are available on Microsoft's Security Research and Defense blog.


However, security experts said a patch for a zero-day vulnerability in Adobe Reader and Acrobat that Adobe Systems released on Tuesday was even more important than the Microsoft bulletin. The hole was discovered in mid-December and is being exploited by attacks in the wild to deliver Trojan horse programs that install backdoor access on computers.

"Unlike most months, what the bulletin administrators should look at first is the Adobe patch when it is released later today," said Jason Miller, data and security team leader at Shavlik Technologies. "This bulletin will patch vulnerabilities that are currently in the wild affecting users."

Adobe also released a beta test version of a new automatic updater for Reader and Acrobat on Tuesday, according to the Adobe Reader blog. Reader was found to be one of the buggiest programs in 2009.

Meanwhile, Microsoft also issued an advisory for holes in the Adobe Flash Player 6.0 that shipped with Windows XP and updated its Malicious Software Removal Tool to include the Win32/Rimecud worm that spreads through removable drives, Instant Messenger and peer-to-peer shared folders.

In addition, Microsoft re-released an Active Template Library bulletin to add Windows Embedded CE 6.0 to the affected products list. This re-release affects only developers and original equipment manufacturers building applications on top of the mobile platform.

"One of the outstanding bugs that wasn't patched this month is an SMB [Server Message Block] denial-of-service attack vulnerability that has been open since mid-November," said Andrew Storms, director of security operations at nCircle. "Since Microsoft has left the bug open for this long it's now clear that the threat isn't as serious as many people believed."


(Credit: Oracle)

Finally, Oracle released its quarterly Critical Patch Update on Tuesday, containing 24 fixes for seven products, including the application server and database engine. "The majority of the holes are remotely exploitable without authentication," notes Wolfgang Kandek, chief technology officer at Qualys.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News


Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.


[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]