MS Patches Vista Bug That Survived Beta

Microsoft Corp. today unveiled the second stage of its April security updates by releasing five security bulletins that patched eight vulnerabilities — including one that was missed during the company’s Windows Vista beta testing and ended up in the final version of the new operating system.

Of the four updates that addressed bugs in Windows, the MS07-021 update was clearly the one to patch pronto, said researchers. “This is my first [to patch] choice,” said Amol Sarwate, manager of Qualys Inc.’s research lab. “It affects everyone,” agreed Minoo Hamilton, senior security researcher with patch management vendor nCircle Network Security Inc.

The update, which fixes three different bugs, includes one marked critical that affects all supported editions of Windows, from 2000 through XP and Server 2003 to Vista. The vulnerability in the error message processing of the Windows Client/Server Run-time Subsystem (CSRSS) can be exploited remotely, said Microsoft, and could result in a complete compromise of the PC.

The most likely way to deliver an attack: Dupe users into visiting a malicious Web site. Ironically, this MsgBox flaw was acknowledged by Microsoft more than three months ago and was reported to the company’s security team about the same time as the animated cursor (ANI) bug patched by an emergency fix last week.

Comments

Post a Comment

Popular posts from this blog

Firefox CAN be faster – 4 easy tricks

Now that we all know the hidden pages in Firefox, it’s time to go a bit deeper into tweaking your browser for optimal use. All of the operations will be made in the about:config page, so save your important stuff, open up a new tab, write about:config in the address bar and be prepared. I have gathered four tricks that will improve your Firefox experience, and here they are. 1. Fetch only pages that you click Firefox mostly resembles to Google from this point of view. It has a built-in feature (enabled by default) that will pre-download the pages behind the links it thinks you MIGHT click. Google anticipates you might click the first result from the page, but how in the world can Firefox anticipate the link you’re going to click? Anyway, in my opinion this is just useless bandwidth usage, CPU power and HDD space. You’re practically downloading and storing pages you are not viewing. Here’s how you stop that in three simple steps. In the about:config list, filter up your search after ‘ne...
Read more

How To Avoid Hacker Attacks On Firefox

Security problems with Microsoft’s dominant Internet Explorer browser helped pave the way for Mozilla Firefox to emerge as a perfect alternative for Web surfers. However, Firefox users should be aware that hackers can exploit software flaws and design features to launch drive-by attacks. Following are steps to disable various features in Mozilla Firefox. Note that some menu options may change between versions or may appear in different locations depending on the host operating system. You should adapt the steps below as appropriate. The following configuration changes, can disable various features and set up the browser to run in a secure state, limiting the damage from malware attacks. To get started, select Tools, then Options. firefox You will then see an Options window that has a row of categories along the top. The first category of interest is the General category. Under this section, for instance, you can set Firefox as your default browser. firefox Under the Privacy category, y...
Read more

Firefox, now on TV

It’s remarkable enough that the Internet has come so far that an ad about a browser isn’t out of the ordinary, but it’s even more remarkable that these ads were made by Firefox fans off their own back, and paid to air by the same. It all started last year when the Mozilla foundation started the Firefox Flicks campaign, in an effort to drive grass-roots support and generate short, fan-made, 30 second clips. Naturally, these could be shared across the Net and drive awareness for the browser. The program was so successful over 200 entries were submitted, and while there are plenty that wouldn’t have a hope of seeing the light of day, some are actually quite well made and genuinely entertaining. The full list of entrants starts here and includes funny and humorous entries including this one that actually cracked me up. You’ll also find the bizarre, ninjas (can’t go wrong there), the clubby, the crazy, the animated, and I swear I know people like this. There’s even an Aussie themed entry. T...
Read more