Language Selection

English French German Italian Portuguese Spanish

Microsoft warns of software flaws in Windows

Filed under
Microsoft

Microsoft Corp. warned users on Tuesday of three new security flaws in its Windows and Word software. and issued patches to fix the flaws, which could allow attackers to take over a computer system.

All three of the "critical"-rated security patches could potentially allow an attacker to take control of a personal computer and use it to steal data or launch other attacks, said Stephen Toulouse, a manager at Microsoft's Security Response Center.

"The key thing is really that we want to make people understand the risk with these flaws and that they enable automatic updates," said Toulouse, referring to a feature in Windows that downloads and installs the software patches automatically.

Two of the flaws are related to imaging technology used by Windows, which could potentially allow an attacker to take control of a system simply by having the user view a digital image that contains software code that exploits the flaw, which could be installed on a computer without the user's knowledge.

"Simply by viewing one of these malicious images you can become infected with anything from adware and spyware to any other suspicious code," said Oliver Friedrichs, senior manager at Symantec Corp.'s Security Response Center.

Full Story.

Remember

When XP was announced they were bragging on how secure it was. hahahahahahahahaha slaps knee...

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Fedora: The Latest

  • Korora 22 Flash Update
    As we announced when Korora 22 was released, Adobe Flash is no longer included by default.
  • Fedora repository for Doom stuff: Zandronum, Doomseeker, CnDoom
    I had a bit of free time over the last few days, and looked at the current state of the art for Doom on Linux. The awesome Rahul Sundaram has been looking after several Doom-related packages for a while – including the Chocolate Doom package – but there are some things that seem to be commonly used these days that we didn’t have packaged. So I packaged them up, and put them in a new repository!
  • CUDA 7.0 enabled programs for Fedora 22
    I’ve udpated the CUDA version in the Fedora 22 Nvidia repository, it now contains CUDA 7.0.28 along with the cuFFT 7.0.35 patch. Note that from this version, CUDA is x86_64 bit compatible only, so there are no more i386 packages. There is still the cudart library available for 32 bit, but I don’t think it’s worth packaging.
  • Secure Boot — Fedora, RHEL, and Shim Upstream Maintenance: Government Involvement or Lack Thereof
    Note that there are parts of this chain I’m not a part of, and obviously linux distributions I’m not involved in that support Secure Boot. I encourage other maintainers to offer similar statements for their respective involvement.
  • Remi repository is changing
    The "remi" repository exists for > 10 years, it have changed a lot, and some recent changes worth to be explained.

Android Leftovers

Leftovers: OSS

GNU/FSF

  • The state of Federation
    It’s been a long time since there has been any news on the state of federation, so here’s an update on where Mediagoblin’s at and some technical aspects of federation. We’ve been working with the W3C Social Working Group to define the future of federation, and part of my work there has been to work on the ActivityPump standard. There’s more to say on that and why we’re investing time there, but this blogpost will mostly be about MediaGoblin and federation from a technical perspective.
  • Who actually reads the code?
    I am the maintainer of a piece of free software called GNU Parallel. Free software guarantees you access to the source code, but I have been wondering how many actually read the source code. To test this I put in a comment telling people to email me when they read this. The comment was put in a section of the code that no one would look to fix or improve the software -- so, the source code equivalent to a dusty corner. To make sure the comment would not show up if some one just grepped through the source code I rot13'ed the source code.
  • Who Reads the Source Code Anyway?
    Today's new feeds were just chock full 'o interesting articles. The first up came from Ole Tange who set up a little experiment to see how long it took for someone to read his source code. Bryan Quigley commented on "The Mozilla We've Got" and OpenSource.com interviewed Linus Torvalds' daughter, who is building a career in computer science and engineering. Elsewhere, Brook Kidane reviewed Point Linux 3.0 and Laurent Montel ran down KDEPIM 5.0.