Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft on Tuesday plans to patch a "critical" Windows Help and Support Center vulnerability that is being widely exploited, the software giant announced Thursday.In addition, Microsoft plans to release three other patches: one impacting Windows and two affecting Office, Jerry Bryant, group manager of response communications at the company, said Thursday in a blog post. In total, five vulnerabilities are expected to be addressed in the monthly security update.
Chief among them is the Windows Help Center flaw, affecting XP and Server 2003 machines, which was disclosed last month in a controversial fashion by researcher Tavis Ormandy. Microsoft engineers began spotting in-the-wild exploits targeting the flaw on June 15, five days after the software giant confirmed the bug with the release of a security advisory.
Ormandy's disclosure prompted a number of other proof-of-concepts, followed by active exploits that initially were "targeted and fairly limited" in nature, Microsoft malware specialists said. However, recently the scope of the attacks dramatically widened.
On Tuesday, Microsoft also plans to fix another zero-day Windows vulnerability, disclosed in May. The flaw affects the Canonical Display Driver, which is used by the Windows desktop composition feature to blend drawings created in Graphics Device Interface and DirectX. However, Microsoft security experts have said creating a reliable exploit would be difficult.
This month's update marks the last time customers will receive support for Windows 2000 and Windows XP Service Pack 2 platforms.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.