ms08-025 Resources on ZDNet

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

ms08-025: Microsoft Windows kernel vulnerable to local privilege escalation flaw: MS08-025: Microsoft Windows kernel vulnerable to local privilege escalation flawCrumbsThe 10 year old mouse is out.Who'da thought?New news?Isn't this just rehashing news from three weeks ago? Not that it isn't a serious flaw, but it's old news. Can't we just wait for the next patch Tuesday, or is...; Tags: Microsoft Windows Vista (Longhorn), SECURITY, Operating systems, Nothing, flaw, local access, MS08-025, Microsoft Windows, Microsoft Windows kernel, Microsoft Windows Vista, Microsoft Corp., window; Discussion threads 2008-04-29

Additional Resources

Details, details, details... more on the Microsoft flaws from today: Thought I'd explore some of these bugs a bit more... first, Tipping Point released one of the vulnerabilities that Larry reported earlier, listed as a stack overflow issue in Microsoft Office Jet Database Engine. The stack overflow isn't what's interesting, what's interesting is the attack vector itself. To be fair to...; Tags: Vulnerability, Microsoft Corp., Database Engine, iDefense, Flaw, Exploitation, Microsoft Word, Word Processors, CSS, Microsoft Office, Security, Databases, Office Suites, Software, Scripting Languages, Software/Web Development, Web Development, Enterprise Software, Data Management, Nathan McFeters; Blog posts 2008-05-13
News to know: Microhoo; Taming Vista UAC; iPhone; Google; CIO Sessions: Notable headlines: Ed Bott: Fixing Windows Vista, Part 2: Taming UAC. Images: Taming Vista's User Account Control right Larry Dignan: Microhoo: Wall Street gets antsy Mary Jo Foley: XP SP3 delayed by glitch New test releases...; Tags: Apple iPhone, Google Inc., Larry Dignan, Vista UAC, Jason O'Grady, Apple Inc., Microsoft Corp., Microsoft Windows, 3G, Operating Systems, Cellular Phones, Wireless, Software, Consumer Electronics, Personal Technology; Blog posts 2008-04-30
ms08-025: Microsoft Windows kernel vulnerable to local privilege escalation flaw: From Microsoft: A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. This is an important security update for all supported editions of Windows 2000, Windows XP, Windows Server...; Tags: Window, Microsoft Corp., Kernel, Flaw, Updates, Microsoft Windows, Security Administration, Operating Systems, Security, Software, Nathan McFeters; Blog posts 2008-04-29
US currently accounts for 21% of Internet users, down from 66% in 1996: Region January 2007 January 2008 Growth, YTY Worldwide 746,934 824,435 10.4% Asia Pacific 271,192 308,817 13.9% Europe 218,063 232,866 6.8% North America 173,839 183,823 5.7% Latin America 50,641 59,025 16.6% Middle East - Africa 33,199...; Tags: Internet User, ComScore Networks Inc., Internet, NB; Blog posts 2008-03-23

Microsoft Excel patch may lead to to calculation errors: Microsoft plugged more than a few vulnerabilities in Excel last week, but the trade off may be calculation errors. Microsoft's Bill Sisk said in a post late Friday following the software giant's latest patch batch: I wanted to let you know that we have updated bulletin...; Tags: Microsoft Corp., Bulletin, Microsoft Excel, Microsoft Office, Office Suites, Software, Larry Dignan; Blog posts 2008-03-16
Microsoft delivers 12 patches to plug Office; 7 for Excel flaws: Microsoft on Tuesday delivered several patches to fix critical vulnerabilities in Office including a well-publicized Excel flaw. In the first bulletin (MS08-014), Microsoft addressed "several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially...; Tags: Microsoft Outlook, Vulnerability, Patch Management, Microsoft Corp., Flaw, Microsoft Excel, Microsoft Office, Office Suites, Software, Larry Dignan; Blog posts 2008-03-11
US direct marketing market reached $173.2 bln in 2007: In 2007 commercial and nonprofit marketers spent $173.2 bln on direct marketing in US, according to Direct Marketing Association. Measured against total US sales, these advertising expenditures generated approximately $2.025 trln in incremental sales. In 2007, direct marketing accounted for 10.2% of total US gross domestic product. Also in 2007,...; Tags: Direct Marketing, Sales Channel, Advertising & Promotion, Sales Strategy, Marketing Research, Sales, Marketing, NB; Blog posts 2008-02-29
Exploit code surfaces for Microsoft Works, QuickTime: Exploit code for Microsoft Works--which was just patched on Tuesday--and QuickTime is making the rounds. First up, the Microsoft Works exploit. A hacker dubbed "chujwamwdupe," who also makes Teletubbies references for giggles, posted the following: A vulnerability exists in WPS to RTF convert filter that is...; Tags: Apple QuickTime, Microsoft Corp., Microsoft Works, Office Suites, Digital Music, Digital Media, Software, Personal Technology, Consumer Electronics, Larry Dignan; Blog posts 2008-02-14
Microsoft drops 11 patches, 6 critical: Microsoft drops 11 patches, 6 criticalConflicting TitleThe headline had me worried that Microsoft wasn't going to release the patches.Did these make it to SP1? Prolly not?Do we install these before or after SP1? And...are there 11 or 17 vulnerabilities...6 + 5 = 11....RE: Microsoft drops 11 patches, 6...; Tags: Patches, patch management, Microsoft Corp., vulnerability; Discussion threads 2008-02-12
Microsoft delivers 11 patches, 6 critical; Excel flaw left unpatched: Updated: Microsoft delivered 11 patches on Tuesday addressing 17 vulnerabilities. Six updates fix critical flaws and five address important vulnerabilities, but an already exploited Excel zero day was left unpatched. Microsoft's advisory last week noted 12 patches fixing 7 critical vulnerabilities. One critical Windows vulnerability was cut...; Tags: Vulnerability, Patch Management, Microsoft Corp., Microsoft Excel, Flaw, Microsoft Office, Security, Office Suites, Software, Larry Dignan; Blog posts 2008-02-12
Tornado destroyed woman's house: then she gets this $2,025.45 bill from Time Warner Cable: Tornado destroyed woman's house: then she gets this $2,025.45 bill from Time Warner CableHow's this possible?What kind of equipment does she have the would cost that kind of cash? As well why is she responsible for it? After the demarcation point that is the cable companies problem. If weather cause...; Tags: Cable, Time Warner Inc., tornado; Discussion threads 2008-01-31
Tornado destroyed woman's house: then she gets this $2,025.45 bill from Time Warner Cable: From Wisconsin's Kenosha News comes this story that after a January 7 tornado demolished her home, and ensuing rain and snow made it a bear to fix, a woman from the area has received a $2,025.45 bill from her (now former, well duh) cable television service....; Tags: Time Warner Inc., Cable, Insurance, TVs, Network Technology, Tv & Home Theater, Telecommunications, Personal Technology, Business Operations, Corporate Insurance, Home Entertainment, Networking, Russell Shaw; Blog posts 2008-01-31
Immunity launches exploit for 'unlikely' Windows worm hole: A workable exploit attack for a TCP/IP vulnerability in Microsoft's Windows has been launched into the wild courtesy of security firm Immunity. On Jan. 17, it became clear that you shouldn't dawdle on deploying Microsoft's MS08-001 patch. That patch, issued Jan. 8, fixed a Transmission Control Protocol/Internet...; Tags: Vulnerability, Security Company, Microsoft Corp., Exploit, Tcp/Ip, Microsoft Windows, Security, Networking, Operating Systems, Software, Larry Dignan; Blog posts 2008-01-29
Don't dawdle on Microsoft latest batch of patches: Don't dawdle on Microsoft latest batch of patchesI may have my gripes, but MS does keep up on security patches.I'll give them credit for that.After a recent patch killed the connection between......my PC and my MP3 player, I'll take my time with any "patch" M$ sends...... Including blacklisting any other...; Tags: Patches, SECURITY, Operating systems, patch, patch management, Microsoft Corp., Microsoft Windows, Linux; Discussion threads 2008-01-17
Don't dawdle on Microsoft latest batch of patches: If you're like most folks you are taking your time installing Microsoft's latest round of security patches. However, you may want to get your rear end in gear. Specifically apply MS08-001, which was released on Jan. 8. That patch fixed a Transmission Control Protocol/Internet Protocol (TCP/IP) processing...; Tags: Patch Management, Immunity, Microsoft Corp., Worm Attack, Ryan, Stewart, Cyberthreats, Patches, Security, Viruses And Worms, Larry Dignan; Blog posts 2008-01-17
Picasa 3.0 on the way: Anyone who uses Picasa to touch up and manage their photos will testify that it is a wonderful piece of software. I can't think of much that would make it even better, but maybe Google has been thinking hard enough to come up with some more really great features....; Tags: Google Picasa, Tools & Techniques, Management, Garett Rogers; Blog posts 2007-12-23
Single Investor Mortgage+Care (exe): Mortgage+Care is a complete line of software for the Private Money Lender or Broker. The program can handle various loan scenarios including discounted notes, incremental loans, interest only, amortized, etc. The Single Investor version does not split payments to multiple investors, but our more advanced versions write investor checks, create...; Tags: Payment, Investor, Mortgage+Care, Operational Accounting, Finance; Software downloads 2007-12-11
Can baking soda curb global warming?: Can baking soda curb global warming?Baking Soda..Because of the acid rain and leaves that get in my pool, I use a lot of baking soda in my pool or bath to soften the water.Great stuff why store it? Sell it to pool companies and others. I am sure...; Tags: sunlight, soda, carbon dioxide, global warming; Discussion threads 2007-11-27
Windows 2000 Security Patch: Malformed Hit Highlighting Vulnerability (exe): Windows 2000 Security Patch: Malformed Hit Highlighting Vulnerability addresses the "Malformed Hit-Highlighting" security vulnerability in Windows 2000 computers running Indexing Service, and is discussed in Microsoft Security Bulletin MS01-025. Download now to help prevent a malicious user from reading files on your Web server. This version is the first release...; Tags: Vulnerability, Microsoft Corp., Microsoft Windows, Microsoft Windows 2000, Operating Systems, Security, Software; Software downloads 2007-09-05