Windows XP and 2000 Users Beware - New “High Risk” Flaws in Outlook and Internet Explorer

Newly discovered flaws in both Outlook and Internet Explorer (IE) were announced over the weekend. The security holes are considered to be especially “high risk” in part because they require little to no user interaction in order for a third party to exploit them. The security flaws exist in the default installations of Windows XP, Windows 2000, Windows NT 4.0, and Windows Server 2003.

A Windows user’s computer can become infected through these holes by doing nothing more than surfing to an infected website.

“If a user is tricked (into going) to a site carrying malicious code, they can become infected by just surfing across a banner ad,” according to Ben Nagy, a senior security engineer with eEye Security, which discovered and announced the flaws.

While Microsoft has been made aware of the issue, a Microsoft spokesperson stated that “At this time, Microsoft is not aware of any malicious attacks attempting to exploit the reported vulnerabilities, and there is no customer impact based on this issue.” She added that “Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through a service pack, our monthly release process or an out-of-cycle security update, depending on customer needs.”

Nagy of eEye confirms this, saying that “Microsoft has acknowledged a vulnerability does exist and is real, but I doubt they will release a patch out of (their monthly) cycle.”

So what can the end user do in the meantime, besides cross their fingers and hope that this doesn’t happen to them? Well, perhaps the most important thing is not to open email unless it comes from someone or somewhere you know, particularly if it seems likely to be spam, and especially not to click on links inside such email.

And wait for Microsoft’s next patch.


2 Comments »

  1. My comments on this matter can be easily dismissed as the delusional ramblings of a paranoid conspiracy theorist, however I challenge everyone to provide evidence which proves me wrong. Windows does not have security flaws, what it does have is access methods which are included by design. While this is still only a theory, it is based entirely on the facts. Microsoft was found guilty of antitrust violations. The guilty verdict was upheld by the appellate courts. Microsoft was not sentenced for the crimes. The DOJ allowed the guilty party to negotiate their punishment. In return Microsoft agreed to include easy access methods whereby “Big Brother” can easily read our files and monitor our online activities. When security experts discover these access methods the “gullible majority” still believe that a security flaw exists.

    Comment by Sheenada — 4/5/2005 @ 5:58 am

  2. Excerpt from interview with Microsoft Rep:
    http://www.washingtonpost.com/wp-dyn/articles/A38496-2004Aug27.html

    Washington, D.C.: What specifically does Microsoft Homeland Security do? Sell software? Services?

    Tom Richey: Our goal has been to assist in the development of technology to help detect, prevent, and deter terrorist activity in both small and large cities - linking everyone from the top intelligence official to the cop on the street - in a worldwide effort to stay one step ahead of those who threaten America.

    Comment by RJL — 4/6/2005 @ 12:04 pm

 This article first appeared on 4/4/2005
The Internet Patrol
Patrolling the Internet for You!