SAN JOSE — Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.
The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.
It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.
Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.
The so-called "zero day" vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.
Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" — or software fix — for the problem.
Microsoft rarely departs from its practice of issuing security updates the second Tuesday of each month. When the Redmond, Wash.-based company does issue security reminders at other times, it's because the vulnerabilities are very serious.
A recent example was the emergency patch Microsoft issued in October for a vulnerability that criminals exploited to infect millions of PCs with the Conficker worm. While initially feared as an all-powerful doomsday device, that network of infected machines was eventually used for mundane moneymaking schemes like sending spam and pushing fake antivirus software.
___
On the Net:
Microsoft support page:
What else is new? When Microsoft makes a product that doesn't suck, it'll be that day they try to make a vacuum cleaner.
So why are you giving the people a web address that is blocked by most firewalls as a spy site? TinyURL is a redirect site which redirects traffic to web sites that are sometimes favored by hackers. Is this a joke or what?
Depending on the length of the URL, they have been known to - essentially - corrupt Newsvine pages.
The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.
Anyone using IE deserves it, IMO.
It's not a long web site. I just used the TinyURL to get the KB article and then went to microsoft.com and popped in the KB number.
edit: however, Newsvine apparently clipped it right out. Go figure. Guess I won't bother to be using Newsvine again -- too much pointless hassle.
You, as a new user, are in the "greenhouse".
In an attempt to reduce spammers being able to use this site, people who are new users may not copy a URL into their posts until they "graduate" (i.e. demonstrate by making several comments that they are a real human being wanting to participate, not spam).
This was an AP post (notice there is no seeder or author given, but an AP byline), and they may use TinyURL by default because some sites do not allow / break on ampersands, pound signs, etc. used in URLs, as well as on URLs that are too long, which breaks Newsvine pages.
thanks for the info.