critical microsoft vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Report: 92% of critical Microsoft vulnerabilities mitigated by Least Privilege accounts

Report: 92% of critical Microsoft vulnerabilities mitigated by Least Privilege accountsRe:using pirated windowsThere is no reason that pirated versions of windows should be more vulnerable than genuine ones, this statistic only shows the lack of knowledge and common sense that the people using pirated windows have, since they don't seem...

Tags: Least Privilege account, standard user, Least Privilege, UAC, critical Microsoft vulnerability, Microsoft Vulnerabilities, standard User Account, Microsoft Corp., Microsoft Windows

Discussion threads 2009-02-10

Additional Resources

Microsoft bracing for malware attacks from embedded fonts

It's only a matter of time before malicious hackers start exploiting a critical Windows vulnerability via booby-trapped Web pages or Office Word or PowerPoint documents. by Ryan Naraine

Tags: Malware, Microsoft Corp., Font, Attack, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Microsoft Office, Office Suites, Software, Ryan Naraine

Blog posts 2009-11-12

Microsoft patches Windows worm holes, drive-by download flaws

HolesIt is like trying to patch a rotten ship!Does that mean Linux is a rotten ship too?NTAnd unfortunately most of the world is on that ship And unfortunately most of the world is on that ship RE: Microsoft patches Windows worm holes, drive-by download flawsAll OS are subject to "Intrusion...

Tags: Linux, Patches, Construction, Operating systems, SECURITY, Microsoft patches Windows worm hole, Microsoft patches Window, worm hole, Microsoft Patches, flaw, Microsoft Corp., patch management, attacked, window, Microsoft Windows

Discussion threads 2009-11-10

News to know: Apple; Alex; Microhoo; Droid; FCC

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Sam Diaz: Another strong quarter for Apple; credit strong iPhone, Mac sales Jason D. O'Grady: Apple announces most profitable...

Tags: FCC, Google Inc., Larry Dignan, Advertisement, Information Technology, Dana Blankenhorn, Mary Jo Foley, Apple Inc., Microsoft Corp., Adrian Kingsley-Hughes, Sam Diaz, Microsoft Windows 7, Microsoft Windows, E-books, Federal Government, Service-Oriented Architecture (SOA), Operating Systems, Software, Personal Technology, Government, Web Services, Enterprise Software

Blog posts 2009-10-20

Microsoft: Human error caused critical SMB2 vulnerability

did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Hulu Desktop, Microsoft Corp., critical SMB2 vulnerability, SMB2, SMB2 vulnerability, vulnerability, Microsoft Windows Vista

Discussion threads 2009-10-19

Microsoft: Human error caused critical SMB2 vulnerability

Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., Error, Smb/Sme, Security, Ryan Naraine

Blog posts 2009-10-19

Patch Tuesday: MS plugs critical IE, Windows Media Player holes

Is MS going to pay for my Gb/month overage?With ISPs grasping for profits I see the day when the "download cost" of these mega-patches become an issue!RE: Patch Tuesday: MS plugs critical IE, Windows Media Player holesWow, my Microsoft software is sure to be secure now.GOOD JOB!If only other manufacturers...

Tags: Patches, Microsoft Internet Explorer, media player, patch management, Adobe Systems Inc., Microsoft Corp.

Discussion threads 2009-10-13

From Gimmiv to Conficker: The lucrative MS08-067 flaw

GENEVA -- The critical MS08-067 vulnerability used by the Conficker worm to build a powerful botnet continues to be a lucrative security hole for cyber criminals. During a presentation at the Virus Bulletin 2009 conference here, a trio of Microsoft researchers dissected the malware attacks linked to...

Tags: Flaw, Malware, Conficker, MS08-067, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

Blog posts 2009-09-23

Microsoft ships one-click 'workaround' for critical SMB2 flaw

With exploit code in circulation and facing a race against time to fix the SMB v2 vulnerability haunting Windows Vista and Windows Server 2008, Microsoft has shipped a one-click "fix-it" workaround to help users avoid malicious hacker attacks. by Ryan Naraine

Tags: Workaround, Flaw, Microsoft Corp., Microsoft Windows, Microsoft Windows Server 2008, Smb/Sme, Hacking, Security, Operating Systems, Software, Ryan Naraine

Blog posts 2009-09-18

Sun patches 'critical' StarOffice/StarSuite flaw

Sun patches Openoffice.org with 3.1.1The security problem in "CVE-2009-0200 / CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution" was patched in Openoffice.org in version 3.1.1.http://www.openoffice.org/security/bulletin.htmlMikeOpen_Office is FREEIf you run a Linux distro with Open_Office you are immune from 99.99% of this Windows silliness....So, Linux...

Tags: Operating systems, UNIX, Microsoft Windows, OPEN SOURCE, PRODUCTIVITY, Cyberthreats, Linux, Sun Microsystems Inc., patch management

Discussion threads 2009-09-18

Microsoft FTP in IIS vulnerability now under attack

Less than a week after the publication of exploit code for a critical vulnerability in the FTP Service in Microsoft Internet Information Services IIS, attackers are now launching in-the-wild attacks against Windows users. by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., FTP, Microsoft IIS Server, Attack, Security, Ryan Naraine

Blog posts 2009-09-04

Red Hat: Microsoft taking cloud back to the 80s

Red Hat should feel right at home then because using their software is like using something out of the 80's. I'll prefer a modern company like Microsoft instead of a company based on 30 year old technology such as Red Hat. My theory is that Red Hat is...

Tags: OPEN SOURCE, Microsoft Windows, Operating systems, NT-kernel, Microsoft Corp., Red Hat Inc., Linux, Unix

Discussion threads 2009-09-03

Research: 80% of Web users running unpatched versions of Flash/Acrobat

Thank goodness for regular updates from Adobe's RPM repository!The repository ensures that all my 32 bit Flash and Reader installations are up-to-date. The native 64 bit Flash plugin is still "alpha", and I look forward to the day that is added to the repository too. But at least the appearance...

Tags: Patches, Adobe Systems Inc., Flash/Acrobat

Discussion threads 2009-08-25

Microsoft WINS vulnerability under attack

Just one week after Microsoft issued a fix for a worm hole in the Windows Internet Name Service WINS, malicious hackers have started launching attacks against unpatched systems. The attacks, first spotted by the SANS Internet Storm Center, are hitting Microsoft Windows users who have not yet...

Tags: Vulnerability, WINS, Microsoft Corp., Attack, Security, Ryan Naraine

Blog posts 2009-08-19

Adobe plugs critical ColdFusion, JRun vulnerabilities

Adobe's never-ending run on the security treadmill hit a new gear this week with the release of patches to cover serious vulnerabilities in the ColdFusion and JRun web design and development platforms. The patches, rated critical, cover a total of 7 vulnerabilities, some of which "could lead...

Tags: Adobe Systems Inc., Macromedia JRun, Allaire ColdFusion, Vulnerability, XSS, Cross-site Scripting Vulnerability, Development Tools, Software Development, Software/Web Development, Ryan Naraine

Blog posts 2009-08-18

Microsoft: Exploits likely for 'critical' Windows vulnerabilities

Who cares if exploit code will be released in the futureAs long as it is patched before the exploits are out, the exploits no longer count. Or something like that.Cue the double standards...PS I wonder which one of these was labeled "Bulletin 3" in the pre-patch announcement? According to some...

Tags: Patches, SECURITY, Microsoft Windows, exploit, patch, Microsoft Corp., LUA

Discussion threads 2009-08-11

Microsoft: Exploits likely for 'critical' Windows vulnerabilities

Microsoft today dropped a mega patch bundle with fixes for several "critical" vulnerabilities affecting the Windows platform and warned that "consistent, reliable exploit code" was likely to be released within 30 days. The Redmond, Wash. software maker released nine bulletins -- five rated critical -- to provide...

Tags: Windows Vulnerability, Vulnerability, Microsoft Windows, Exploit Code, Microsoft Corp., Security, Ryan Naraine

Blog posts 2009-08-11

Patch Tuesday heads-up: 9 bulletins, 5 critical

Patch Tuesday heads-up: 9 bulletins, 5 criticalI'm sorry, don't you mean..."Microsoft Warns of Critical Vulnerabilities?"RE: Patch Tuesday heads-up: 9 bulletins, 5 criticalI am sure that all these patches, after all the patches last month, the month before, etc. are for XP only.We have been assured repeatedly on this forum that...

Tags: Operating systems, Construction, Patches, Microsoft Windows Vista (Longhorn), Patch Tuesday heads-up, heads-up, Patch Tuesday, critical vulnerability, OSX, Microsoft Windows, Linux, window, Microsoft Corp., patch management

Discussion threads 2009-08-06

Apple warns of Mac attack risk via image files

Apple warns of Mac attack risk via image filesWow, lots of critical vulnerabilities in there!!I can't believe how many of these bugs allow for arbitrary code execution! Viewing an image file shouldn't result in arbitrary code execution.Oh well, at least they were fixed within nano seconds of the vulnerability popping...

Tags: Desktops, SECURITY, Patches, Apple Macintosh, Mac Attack, Apple Inc., vulnerability

Discussion threads 2009-08-05

Mozilla patches 'critical' Firefox flaws

Mozilla patches 'critical' Firefox flawsNever ending critical flawsIsn't it obvious now that HTML / JAVASCRIPT was so badly designed that these flaws are inevitable? WEB needs a new markup standard, and it'd better not be HTML-oriented regardless how these W3C guys insist they can get it right.RE: Mozilla patches 'critical'...

Tags: Web browsers, Patches, SECURITY, Mozilla Firefox, Mozilla Corp., flaw, Firefox 3.5, patch management

Discussion threads 2009-08-03