Language Selection

English French German Italian Portuguese Spanish

M$ issues 'maximum severity' Windows alert

Filed under
Microsoft

Microsoft has warned of a flaw in its Windows operating system that could be exploited by hackers to remotely run malicious applications on a victim's PC.

The Redmond giant explained that the remote code execution vulnerability, which it rates "maximum severity rating: important", concerns the way that Web View in Windows Explorer handles certain HTML characters in preview fields.

"By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user. The vulnerability is documented in the 'Vulnerability Details' section of this bulletin," Microsoft stated.

The flaw means that, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
An attacker could then install programs, view, change or delete data, or create new accounts with full user rights, Microsoft warned.

Users whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

Microsoft noted that user interaction is required to exploit the vulnerability, but added that customers need to apply the update "at the earliest opportunity".

According to the software giant's Security Bulletin MS05-024, any user running Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 should immediately update their systems with the relevant patch.

The company stressed that all versions of Windows XP and Windows Server 2003 are not affected by the flaw, and that Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are not "critically affected" by the bug.

Source.

More in Tux Machines

'Open' Processor

  • 25-core open source chip could pave way for monster 200,000-core PC
    PRINCETON UNIVERSITY BOFFINS have developed a 25-core open source processor that can be scaled to create a monster 200,000-core PC stuffed with 8,000 64-bit chips. The chip is called Piton after the metal spikes driven by rock climbers into mountain sides, and was presented at the Hot Chips symposium on high-performance computing in Cupertino this week.
  • New microchip demonstrates efficiency and scalable design
    Researchers at Princeton University have built a new computer chip that promises to boost performance of data centers that lie at the core of online services from email to social media. [...] Other Princeton researchers involved in the project since its 2013 inception are Yaosheng Fu, Tri Nguyen, Yanqi Zhou, Jonathan Balkind, Alexey Lavrov, Matthew Matl, Xiaohua Liang, and Samuel Payne, who is now at NVIDIA. The Princeton team designed the Piton chip, which was manufactured for the research team by IBM. Primary funding for the project has come from the National Science Foundation, the Defense Advanced Research Projects Agency, and the Air Force Office of Scientific Research.
  • Manycore ‘Piton’ Climbs Toward 200,000-Core Peak

Android Leftovers

Lubuntu 16.10 Beta Out Now with Linux Kernel 4.4 LTS and the Latest LXDE Desktop

As part of today's Ubuntu 16.10 (Yakkety Yak) Beta launch, Simon Quigley from the Lubuntu Linux team released the first Beta build of the upcoming Lubuntu 16.10 operating system. Read more Also: Ubuntu MATE 16.10 (Yakkety Yak) Beta Removes the Heads-Up Display (HUD) Feature Ubuntu GNOME 16.10 Beta 1 Released with GNOME 3.20 and GNOME 3.22 Beta Apps Ubuntu 16.10 "Yakkety Yak" Beta Released, Ubuntu GNOME Has Experimental Wayland

Facebook open sources its computer vision tools