Microsoft has released security updates for Windows 7 and Windows Server 2008 R2 designed to bulletproof Internet Explorer 8 against attacks targeting browser components and controls built with vulnerable variants of the Microsoft Active Template Library (ATL). In this sense, the Redmond company started offering Microsoft Security Bulletin MS09-034 rated Critical; namely the Cumulative Security Update for Internet Explorer (972260), via Windows Update, but also through the Download Center. In this regard, at the bottom of this article you will be able to find the links to the security updates for Windows 7 and Windows Server 2008 R2, the ID... [read more >>] Microsoft confirmed not only that malware attacks designed to take advantage of a Server Service vulnerability, affecting both Windows client and server versions of the platform, were no longer isolated and targeted cases, but also that infections with malicious code had been detected. On November 25, Bill Sisk, Microsoft Security Response Center communications manager, and Ziv Mador, senior program manager and response coordinator, revealed that the company was aware of a new wave of attacks, targeting a vulnerability rated as Critical, for which Microsoft Security Bulletin MS08-067 had been released in October as an out-of-band patch. Th... [read more >>] Microsoft usually releases patches once a month, on a day called by the industry the “Patch Tuesday”. However, the Redmond company released an unscheduled advisory along with a patch for a highly critical vulnerability in the Server service, which can be exploited remotely and allow code execution. According to Microsoft's severity rating system, this vulnerability is tagged as Critical for Windows 2000, XP and Server 2003 and Important for Windows Vista and Server 2008.The vulnerability allows an attacker to completely compromise a system remotely and execute code by sending a maliciously crafted RPC request packet. The vu... [read more >>] When it transitioned the default browser of Mac OS X to Windows, Apple wrapped it up in a "secure by default" marketing aura, aimed to give users of the Microsoft proprietary operating system a real taste of browser protection. It is precisely Safari's high security level the reason for which Microsoft is advising users of Windows XP Service Pack 3 and Windows Vista Service Pack 1 to steer clear of Apple's browser. "Restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple," is the Redmond company's advice in relation to the Safari Carpet Bomb issue made public by security re... [read more >>] Both Internet Explorer 7 and Internet Explorer 8 in its current phase of development, namely Beta 1, are vulnerable to a critical zero-day security flaw with proof-of-concept code available in the wild. The Cross-Zone Scripting vulnerability in the browser's "Print Table of Links" feature was discovered by independent security researcher Aviv Raff, who also made public the attack code the past week. Microsoft was informed about the vulnerability but has so far failed to issue a patch in response. However, security company BitDefender informed that it had already addressed the problem by issuing a signature update for its products. The ... [read more >>] With the advent of Windows Vista RTM, the public perception focused on XP SP2's superiority and further development of the two platforms comes to support such a scenario, despite Microsoft's claims of the contrary. The Vista RTM vs. XP SP2 face-off has now translated to the comparison between Windows XP Service Pack 3 and Windows Vista SP1. And despite the fact that Vista was applauded as an apex of security (because of the Security Development Lifecycle), with SP1 designed to carry the evolution onward, it is Windows XP SP3 who manages to prove itself on the front lines of attacks. The third and final service pack for XP is safe ... [read more >>] According to Microsoft, one distribution of Linux passed the 1,000 security vulnerabilities milestone in just over two years on the market. Linux, alongside the UNIX-based Mac OS, are operating systems perceived as secure by default, and at the opposite pole of what Microsoft is offering with Windows. The perception extends to the perspective where Linux is not only an epitome of security but also a foolproof product. This is of course not the case. There is no silver bullet solution for security, and in this respect, the code of Mac OS X, Linux and Windows is equally vulnerable, via software design flaws. Ever since Windows Vista hit the s... [read more >>] Microsoft denied that it is messing around with the settings of the Windows Vista operating systems without the users' consent. The Redmond company has set up a complex updating infrastructure designed to keep copies of the Windows platform up to date on the latest functionality patches, as well as serve security updates for the product. Following the latest wave of security bulletins that began shipping on October 9, Windows Vista users revealed that the patches delivered via Automatic Updates managed to change the settings of the operating system. The issue is related to an undisclosed number of users that set up their Vista copies ... [read more >>] An official Microsoft security update designed for Internet Explorer infects Windows computers with malware. According to security company Symantec, an original IE patch is used as an incentive for potential victims to download and deploy malicious code on their machines. Spammed emails, masquerading as Microsoft Security Bulletins claim to offer a patch for Internet Explorer. That is not the case, explained Vikram Thakur, Symantec Security Response Engineer. The email either contains an attachment or delivers the link to the malicious download, and urges users to update immediately. In order to throw suspicious users off track, an official... [read more >>] Another month and Windows Vista, Microsoft's most secure Windows platform to date, is yet again at the forefront of the vulnerability trenches. Having applauded the high security performances inherent with the additional mitigations introduced by the Redmond Company into the fabric of the operating system, Microsoft only invited the "hunt" for vulnerabilities impacting the platform. Windows is traditionally one of the most targeted "items of prey", and this rule is confirmed with Vista. June 2007 brings to the table fresh new security updates from Microsoft. Three of the patches are designed to plug hole in Windows Vista. Of course tha... [read more >>] | 
RSS
