Microsoft patches a vulnerability exploited by Stuxnet
On Tuesday, Microsoft has launched a series of updates for their operating systems, including patching a previously unknown vulnerability that the worm Stuxnet had already begun to exploit to attack the Internet.
Saturday, January 1, 2011
Real Estate Agent Introduction Letter Sample
In all, Microsoft issued nine security bulletins to fix 13 vulnerabilities, four of them critical, which jeopardized its users.
One of the most important security bulletins in this series is called MS10-061, discovered by Kaspersky Lab Stuxnet while investigating the worm. The worm was exploiting Vulnerability in Print Spooler is taking advantage that security experts had not yet discovered.
"It's very difficult to know exactly what a malicious program will do in a specific platform because the behavior on each platform is different, so we had to parse the byte by byte. (...) We could do it much faster by working together, and the newsletter is in essence the result of this [teamwork], "said Maarten Van Horenbeeck, Center for Microsoft Security Response (MSRC).
Microsoft has classified this vulnerability as "critical" for Windows XP and "important" for Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2. The vulnerability allows attackers to take control of infected computer, but in XP the threat is greater because it creates an account for visitors automatically when it detects an anonymous user, unlike other systems that ask the user does it manually.
Meanwhile, Microsoft is developing a patch for two vulnerabilities that security experts also discovered while analyzing a Stuxnet. The worm is already exploiting these other two vulnerabilities.
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment