Language Selection

English French German Italian Portuguese Spanish

M$ issues 'maximum severity' Windows alert

Filed under

Microsoft has warned of a flaw in its Windows operating system that could be exploited by hackers to remotely run malicious applications on a victim's PC.

The Redmond giant explained that the remote code execution vulnerability, which it rates "maximum severity rating: important", concerns the way that Web View in Windows Explorer handles certain HTML characters in preview fields.

"By persuading a user to preview a malicious file, an attacker could execute arbitrary code in the context of the logged on user. The vulnerability is documented in the 'Vulnerability Details' section of this bulletin," Microsoft stated.

The flaw means that, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
An attacker could then install programs, view, change or delete data, or create new accounts with full user rights, Microsoft warned.

Users whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

Microsoft noted that user interaction is required to exploit the vulnerability, but added that customers need to apply the update "at the earliest opportunity".

According to the software giant's Security Bulletin MS05-024, any user running Windows 2000 Service Pack 3 or Windows 2000 Service Pack 4 should immediately update their systems with the relevant patch.

The company stressed that all versions of Windows XP and Windows Server 2003 are not affected by the flaw, and that Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are not "critically affected" by the bug.


More in Tux Machines

MX Linux Review – Version 17 – An Excellent All Around Linux Distribution

MX Linux is a popular and fast Linux distribution based on Debian stable that is currently in version 17.1. Today, I'm going to take you through my MX Linux Review to see why this distribution is so popular. One of the best things about MX Linux is the variety of custom tools that have been built to make the life of the user easier. The team of devs at MX Linux have really outdone themselves making every single possible need as easy as possible with their MX apps. Read more

Top 7 Remote Access Apps For Linux

A common misconception among Linux users is that it is near impossible to remote into your Linux PC over the Internet. In truth, there are a number of remote apps available for Linux. In this article, I'll share my most recommended remote apps for Linux. Read more

Raspberry Pi CM3 carrier has an Artik MCU for offline Bluetooth’s fleet-oriented “Fin” carrier runs its Docker-friendly ResinOS and IoT framework on a Raspberry Pi Compute Module. It offers RPi 3 like ports, plus a mini-PCIe slot and an Artik 020 MCU for offline Bluetooth links., the company behind the Linux/Javascript-based IoT framework for deploying applications as Docker containers, as well as the related ResinOS 2.0 Linux distribution, has announced its first hardware product. Due to ship later this Spring for about $129, its Project Fin carrier board expands upon the Raspberry Pi Compute Module 3 Lite to support fleet operations. Read more

Android Leftovers