News
[Security]| Thursday 12th May 2005 |
The bug is in the Web View of Windows Explorer, which fails to handle certain HTML characters properly in previews.
A specially built page could exploit this hole, allowing the attacker to feed in code remotely and access data with all the privileges of the user looking at the HTML page. As most people operate Windows in admin mode, this would include the installation and deletion of programs.
The patch for this is rated as 'not critical' for NT4, 98 and ME systems and 'important' for systems running Windows 2000. XP systems and Windows Server 2003 are not affected. The patch is available from the Microsoft website.
Microsoft has also begun a new service of advisory alerts around security issues. These are concerned with the way Microsoft products are configured and will provide advice on how to set them up more securely.
The company says it has also improved its Windows Malicious Software Removal Tool, both in terms of usability and functionality, as well as adding in signatures for variants of Sdbot and Ispro malware.
Submit to: Digg | Slashdot | Del.icio.us | Technorati
Software: great savings. Feed your passion on eBay.co.uk.
Microsoft Xbox 360 Premium (20GB)
CD/DVD, 3 IBM PowerPC-based CPUs at at 3.2 GHz each bits CPU, 512.0 MB RAM, DVD, Internet compatible, 8.3x30.9x25.8 cm cm
Microsoft Xbox 360 Premium HDMI Edition (60GB)
CD/DVD, 3 IBM PowerPC-based CPUs at at 3.2 GHz each bits CPU, 512.0 MB RAM, DVD, Internet compatible, 8.3x30.9x25.8 cm cm
