Tag Archives: microsoft

Security Alert for Windows XP Users

June 14, 2010

Microsoft is warning Windows XP and Server 2003 users that exploit code has been posted online showing attackers how to break into these operating systems remotely via a newly-discovered security flaw.

The security flaw has to do with a weakness in the way the Windows Help and Support Center processes links. Both Windows XP and Server 2003 retrieve help and support information from a fixed set of Web pages that are included on a whitelist maintained by Windows. But Google security research Tavis Ormandy discovered that it was possible to add URLs to that whitelist.

Microsoft, Apple Ship Big Security Updates

June 8, 2010

28 Comments

In its largest patch push so far this year, Microsoft today released 10 security updates to fix at least 34 security vulnerabilities in its Windows operating system and software designed to run on top of it. Separately, Apple has shipped another version of Safari for both Mac and Windows PCs that patches some four dozen security holes in the Web browser.

Microsoft, Adobe Push Critical Security Updates

May 12, 2010

22 Comments

Microsoft Corp. and Adobe Systems each released security updates on Tuesday. Microsoft issued two “critical” patches that address one security flaw apiece, while Adobe’s patches fix a whole mess of serious vulnerabilities in its software. One of the critical updates… Read More »

Adobe, Microsoft Push Security Upgrades

April 13, 2010

20 Comments

Software giants Adobe and Microsoft today each released software updates to fix critical security flaws in their products. In addition, Adobe is rolling out a new auto-updater tool that should make it easier for hundreds of millions of Adobe Reader users to more safely run one of the most frequently attacked applications on the Internet today.

Microsoft to Issue Emergency IE Fix

March 29, 2010

14 Comments

Microsoft Corp. said today it plans to break from its regularly scheduled monthly software update cycle to issue a patch on Tuesday for a security hole in its Internet Explorer Web browser that hackers have been exploiting lately. Microsoft normally… Read More »

Stopgap IE Fix, Safari Update Available

March 15, 2010

11 Comments

Microsoft has issued a stopgap fix to shore up a critical security hole in older versions of its Internet Explorer browser. Meanwhile, exploit code showing would-be attackers how to use the flaw to break into vulnerable systems is being circulated… Read More »

Microsoft Warns of Internet Explorer 0day

March 9, 2010

8 Comments

Microsoft issued two security patches today to plug important security holes in its Windows operating system and Office software. The software giant also warned that it is aware of hackers exploiting yet another unpatched security flaw in older versions of… Read More »

MS: Be Careful With Those Function Keys

March 2, 2010

9 Comments

Microsoft Corp. has a message for Windows 2000, XP and Server 2003 users: If you browse the Interwebs with Internet Explorer 6, 7, or 8, take care to ignore any prompts that ask you to hit the F1 key on… Read More »

Microsoft Ambushes Waledac Botnet, Shutters Whistleblower Site

February 25, 2010

20 Comments

Microsoft’s lawyers this week engineered a pair of important takedowns, one laudable and the other highly-charged. The software giant orchestrated a legal sneak attack against the Web servers controlling the Waledac botnet, a major distributor of junk e-mail. In an unrelated and more controversial move, Redmond convinced an ISP to shutter a popular whistleblower Web site for hosting a Microsoft surveillance compliance document.

Warning About ZeuS Attack Used as Lure

February 13, 2010

13 Comments

Criminals have co-opted a column I wrote last week about ZeuS Trojan attacks targeted at government and military systems: Scam artists are now spamming out messages that include the first few paragraphs of that story in a bid to trick… Read More »