Language Selection

English French German Italian Portuguese Spanish

M$ issues 'maximum severity' Windows alert

Filed under
Microsoft

Microsoft has warned of a flaw in its Windows operating system that could be exploited by hackers to remotely run malicious applications on a victim's PC.

The Redmond giant explained that the remote code execution vulnerability, which it rates "maximum severity rating: important", concerns the way that Web View in Windows Explorer handles certain HTML characters in preview fields.

"By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user. The vulnerability is documented in the 'Vulnerability Details' section of this bulletin," Microsoft stated.

The flaw means that, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
An attacker could then install programs, view, change or delete data, or create new accounts with full user rights, Microsoft warned.

Users whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

Microsoft noted that user interaction is required to exploit the vulnerability, but added that customers need to apply the update "at the earliest opportunity".

According to the software giant's Security Bulletin MS05-024, any user running Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 should immediately update their systems with the relevant patch.

The company stressed that all versions of Windows XP and Windows Server 2003 are not affected by the flaw, and that Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are not "critically affected" by the bug.

Source.

More in Tux Machines

today's howtos

KDE/Qt

  • Device Tailored Compositors with Qt Wayland at CLAAS E-Systems
    Have you heard about software in cars that run on embedded devices? Do you think that creating such software might be challenging? Well, welcome to a complete new world of complexity, welcome to the world of agriculture machines! For many years, automatic steering (on fields), terminals to control the complex mechanical operations of a self-driving 16 ton combine harvester on a soft ground, and self-optimization systems to optimize any tiny bit of your harvester, are key demands from customers. I, myself, am working at CLAAS E-Systems, the electronics and software department within the CLAAS group. Our group is well known for being among the leading manufacturers for combine harvesters, tractors and forage harvesters.
  • Qt Wayland Is Next Appearing On Tractors & Farm Equipment
    With Qt 5.8's Qt Wayland Compositor Framework taking shape, more developers are beginning to tailor a Qt Wayland compositor to their use-cases. One of those is a company specializing in farm equipment like combine harvesters, tractors, and harvesters. As a guest post on the official Qt blog, developer Andreas Cord-Landwehr of CLAAS E-Systems talked up Qt Wayland for their purposes in the highly-regulated agriculture industry.
  • KDevelop 5.1 Open-Source IDE Launches with LLDB and OpenCL Support, Many Changes
    The development team behind the popular, open-source, cross-platform, free and powerful KDevelop IDE (Integrated Development Environment) were proud to announce the official release and general availability of KDevelop 5.1. KDevelop 5.1 is now the most advanced stable version of the application, which is written entirely in Qt and designed to be used on various GNU/Linux distributions that usually ship with the KDE Plasma desktop environment, but also on the latest releases of the Microsoft Windows operating system.

Leftovers: Gaming

GNOME News: GNOME 3.24 Everywhere

  • GNOME 3.24 released
    The GNOME Project is proud to announce the release of GNOME 3.24, "Portland".
  • GNOME 3.24 Released, This Is What’s New
    Hurrah! GNOME 3.24 is now available to download. The latest stable release of the open-source GNOME desktop, GNOME 3.24 brings a number of new features and improvements to the proverbial table, including one that might even help you sleep better!
  • GNOME 3.24 Linux desktop environment is here
    My absolute favorite desktop environment for Linux is GNOME. Quite frankly, if the DE went away tomorrow, I might have to rethink my use of Linux entirely. Yeah, I am that passionate about it. Environment aside, the GNOME experience also includes a collection of applications, creating a coherent user experience.
  • GNOME 3.24 Released
    GNOME 3.24, the latest version of GNOME 3, is now available. Introducing an updated platform and applications, the release includes a number of major new features and enhancements, as well as many smaller improvements and bug fixes. 3.24 represents another step forward for GNOME, and has much to offer both users and developers.