Microsoft Announces Patch for “Help Flaw” Security Hole - 1,635 Views, 1 Comment
|
Previous Article « New Spam Tactic Wreaks Havoc with DNS
Read Next Article » Two More Windows Patches from Microsoft
Making this flaw even more devestating than some others is the fact that it affects so many flavours of Windows, including version of 98, 98 SE, XP, ME, 2000, and Windows Server. Worse, this is one of the security holes for which the “how to exploit it” instructions were posted on at least one, maybe two or more websites, making the need for a fix extra-critical. Indeed, security companies were recommending that users disable Active X until a fix was offered. Well, the fix is now being offered by Microsoft, who says of this particular flaw and fix: “A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system. This vulnerability is documented in the Vulnerability Details section of this bulletin. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. We recommend that customers install the update immediately.” Aunty recommends so too, and you can get the patch here.
Follow Anne on
Twitter 
Friend Anne on Facebook
Not a moment too soon, Microsoft has announced a fix for that pesky “help flaw” involving ActiveX which Aunty first reported on here and again here just yesterday.
Microsoft Announces Patch for “Help Flaw” Security Hole
Twitter Explained in Plain English
Previous Article « New Spam Tactic Wreaks Havoc with DNS
Read Next Article » Two More Windows Patches from Microsoft
Read more:
» Windows ActiveX Flaw Still Active After Patch
» New Critical Internet Explorer (IE) Flaw Involves Msdds.dll
» Two More Windows Patches from Microsoft
» Microsoft SMTP Security Flaw Affects the Masses
For additional similar stories check out our archives on Everything Else, Hacking, Security, Windows
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Microsoft Announces Patch for “Help Flaw” Security Hole
Not a moment too soon, Microsoft has announced a fix for that pesky “help flaw” involving ActiveX which Aunty first reported on here and again here just yesterday. Making this flaw even more devestating than some others is the…
Trackback by Lockergnome's Windows Fanatics — 1/11/2005 @ 12:33 pm