Language Selection

English French German Italian Portuguese Spanish

Microsoft warns of software flaws in Windows

Filed under
Microsoft

Microsoft Corp. warned users on Tuesday of three new security flaws in its Windows and Word software. and issued patches to fix the flaws, which could allow attackers to take over a computer system.

All three of the "critical"-rated security patches could potentially allow an attacker to take control of a personal computer and use it to steal data or launch other attacks, said Stephen Toulouse, a manager at Microsoft's Security Response Center.

"The key thing is really that we want to make people understand the risk with these flaws and that they enable automatic updates," said Toulouse, referring to a feature in Windows that downloads and installs the software patches automatically.

Two of the flaws are related to imaging technology used by Windows, which could potentially allow an attacker to take control of a system simply by having the user view a digital image that contains software code that exploits the flaw, which could be installed on a computer without the user's knowledge.

"Simply by viewing one of these malicious images you can become infected with anything from adware and spyware to any other suspicious code," said Oliver Friedrichs, senior manager at Symantec Corp.'s Security Response Center.

Full Story.

Remember

When XP was announced they were bragging on how secure it was. hahahahahahahahaha slaps knee...

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Applications 16.12.1 and Frameworks 5.30.0 by KDE available in Chakra

The latest updates for KDE's Applications and Frameworks series are now available to all Chakra users, together with some other package upgrades. Applications 16.12.1 include more than 40 recorded bugfixes and improvements, including a data loss bug in iCal resource for kdepim-runtime. kdelibs got updated to 4.14.28. Frameworks 5.30.0 ship with the usual bugfixes and improvements, mostly found in breeze icons, kio and plasma-framework. Read more

Linux 4.10-rc5

Things seem to be calming down a bit, and everything looks nominal. There's only been about 250 changes (not counting merges) in the last week, and the diffstat touches less than 300 files (with drivers and architecture updates being the bulk, but there's tooling, networking and filesystems in there too). Read more Also: Linus Torvalds Announces Fifth Linux 4.10 Kernel RC, Everything Looks Nominal Linux 4.10-rc5 Released, Now Codenamed "Anniversary Edition"

Fedora 26 Linux to Enable TRIM for Better Performance of Encrypted SSD Disks

According to the Fedora 26 release schedule, the upcoming operating system is approaching an important milestone, namely the proposal submission deadline for system-wide changes, which is currently set for January 31. Read more Also: Fedora 26 Planning To Enable TRIM/Discard On Encrypted Disks

New CloudLinux 7 and CloudLinux 6 Linux Kernel Security Updates Pushed Into Beta

CloudLinux's Mykola Naugolnyi is informing users of the CloudLinux 7 and CloudLinux 6 enterprise-ready operating systems to upgrade their kernel packages immediately if they are using the Beta channel. Read more