Language Selection

English French German Italian Portuguese Spanish

M$ issues 'maximum severity' Windows alert

Filed under
Microsoft

Microsoft has warned of a flaw in its Windows operating system that could be exploited by hackers to remotely run malicious applications on a victim's PC.

The Redmond giant explained that the remote code execution vulnerability, which it rates "maximum severity rating: important", concerns the way that Web View in Windows Explorer handles certain HTML characters in preview fields.

"By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user. The vulnerability is documented in the 'Vulnerability Details' section of this bulletin," Microsoft stated.

The flaw means that, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
An attacker could then install programs, view, change or delete data, or create new accounts with full user rights, Microsoft warned.

Users whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

Microsoft noted that user interaction is required to exploit the vulnerability, but added that customers need to apply the update "at the earliest opportunity".

According to the software giant's Security Bulletin MS05-024, any user running Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 should immediately update their systems with the relevant patch.

The company stressed that all versions of Windows XP and Windows Server 2003 are not affected by the flaw, and that Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are not "critically affected" by the bug.

Source.

More in Tux Machines

Linux 4.2 Bringing Support For ARCv2, HS38 CPU Cores

The ARC architecture updates for the Linux 4.2 kernel have landed. With the ARC architecture updates in Linux 4.2 comes support for HS38 cores, which in turn are based on the Synopsys next-gen ISA known as ARCv2. The ARCv2 ISA is faster and more feature-rich than their original instruction set architecture. The HS38 cores have a 10-stage pipeline core with MMU support, SMP up to four cores, and other new features. The HS38 processor is still 32-bit and is "optimized for high-performance embedded applications running Linux." Read more Also: Radeon & AMDGPU DRM Fixes Queue Up For Linux 4.2

Ubuntu Touch OTA-5 Will Bring a New Thumbnailer in Unity 8, Support for Refunds

Canonical's Alejandro J. Cura had the great pleasure of reporting a few hours ago that the upcoming OTA-5 update for the Ubuntu Touch mobile operating system will get some attractive new features in the Unity 8 user interface. Read more

The July 2015 issue of the PCLinuxOS Magazine

With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. Read more

The Linux Setup - Neil McGovern, Debian Project Leader

I’m the current Debian Project Leader—which is a very impressive title that boils down to being a figurehead for the Debian project. I first started getting involved with Debian in 2003, and have wended my way through various roles in the project, from designing t-shirts to being the Release Manager for the last three releases, Lenny, Squeeze and Wheezy. In my day job, I’m the engineering manager for Collabora, an open source software consultancy which is fairly similar—basically making sure that all the engineers are happy and helping unblock any problems that come along. Read more