Language Selection

English French German Italian Portuguese Spanish

M$ issues 'maximum severity' Windows alert

Filed under
Microsoft

Microsoft has warned of a flaw in its Windows operating system that could be exploited by hackers to remotely run malicious applications on a victim's PC.

The Redmond giant explained that the remote code execution vulnerability, which it rates "maximum severity rating: important", concerns the way that Web View in Windows Explorer handles certain HTML characters in preview fields.

"By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user. The vulnerability is documented in the 'Vulnerability Details' section of this bulletin," Microsoft stated.

The flaw means that, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
An attacker could then install programs, view, change or delete data, or create new accounts with full user rights, Microsoft warned.

Users whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

Microsoft noted that user interaction is required to exploit the vulnerability, but added that customers need to apply the update "at the earliest opportunity".

According to the software giant's Security Bulletin MS05-024, any user running Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 should immediately update their systems with the relevant patch.

The company stressed that all versions of Windows XP and Windows Server 2003 are not affected by the flaw, and that Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are not "critically affected" by the bug.

Source.

More in Tux Machines

How to Get Over Your Fear of Failing at Linux

We’ve written plenty of articles about helping you switch over to Linux from your current operating system. However, even with all of those materials at hand, it’s sometimes still difficult to take the leap of faith and actually try it out. So, this article will be all about questions you might have about switching, and what you can do to ease yourself into the world of Linux. If you read it from start to finish, you’ll have plenty of answers and tips to succeed at Linux. Read more

Don't Fear the Penguin

It was a slow news day today for Linux but a few tidbits stood out. First up is Danny Stieben with his article persuading prospects how easy Linux really is. Read more

Alpine Linux 3.1.2 released

The Alpine Linux project is pleased to announce the immediate availability of version 3.1.2 of its Alpine Linux operating system. This is a bugfix release of the v3.1 musl based branch. This release is based on the 3.14.30 kernel which has some critical security fixes. Read more

Canonical Has Revealed The Hardware Specs Of Bq Aquarius E4.5

Recently, Canonical has revealed the hardware specifications of Bq Aquarius E4.5 running Ubuntu Touch. It comes with a 4.5-inch screen with a 960×540 resolution, 13 MPX camera, a Quad Core ARM Cortex running at 1.3 GHz, 1 GB of RAM memory, 8 GB internal memory and Mali 400 graphics. Read more