Microsoft warns of serious computer security hole
July 6, 2009 By JORDAN ROBERTSON , AP Technology Writer
(AP) -- Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.
The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.
It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.
Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.
The so-called "zero day" vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.
Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" - or software fix - for the problem.
Microsoft rarely departs from its practice of issuing security updates the second Tuesday of each month. When the Redmond, Wash.-based company does issue security reminders at other times, it's because the vulnerabilities are very serious.
A recent example was the emergency patch Microsoft issued in October for a vulnerability that criminals exploited to infect millions of PCs with the Conficker worm. While initially feared as an all-powerful doomsday device, that network of infected machines was eventually used for mundane moneymaking schemes like sending spam and pushing fake antivirus software.
---
On the Net:
Microsoft support page: http://tinyurl.com/kwh8ls
• Join PhysOrg.com on Facebook!
• Follow PhysOrg.com on Twitter!
©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
-
Don't fret about Conficker: Here's what to do
Mar 31, 2009 |
not rated yet |
0
-
New trojan detected for Microsoft Word
May 22, 2006 |
not rated yet |
0
-
Huge computer worm Conficker stirring to life
Apr 09, 2009 |
not rated yet |
0
-
Fix for Windows vulnerability due Jan. 10
Jan 03, 2006 |
not rated yet |
0
-
Microsoft Investigates IE 7 Vulnerability
Mar 16, 2007 |
not rated yet |
0
-
Fast photon control brings quantum photonic technologies closer
1 hour ago |
5 / 5 (2) |
0
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (33) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (5) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
How to tilt a object
14 hours ago
-
How to calculate total compressibility in liquid porous solid system
20 hours ago
-
Need help reading 3-D
Feb 11, 2012
-
A way to send and receive wireless data
Feb 11, 2012
-
Calling function with no input argument
Feb 10, 2012
-
Force free body diagram problem on gym equipment
Feb 10, 2012
- More from Physics Forums - General Engineering
More news stories
Independent group inspects Apple supplier
(AP) -- An independent group, the Fair Labor Association, has started auditing Apple Inc.'s Chinese supplier Foxconn after a request by Apple.
59 minutes ago |
not rated yet |
0
Teaching teens safety in the virtual world
A new cyber safety program on the dangers of social networking is being developed by Flinders University, in light of an alarming report which shows children as young as 12 are meeting internet strangers in ...
1 hour ago |
not rated yet |
0
Microsoft India retail site down after 'cyber attack'
Microsoft said Monday it was investigating an attack by hackers on its Indian retail website, reportedly carried out by a Chinese group called the "Evil Shadow Team."
4 hours ago |
not rated yet |
0
Chinese city seizes Apple iPads in name dispute
(AP) -- Authorities have seized Apple iPads from retailers in a city in northern China due to a dispute with a domestic company that says it owns the iPad name, an official said Monday. The Chinese company said it is asking ...
4 hours ago |
not rated yet |
0
AT&T customers surprised by 'unlimited data' limit
(AP) -- Mike Trang likes to use his iPhone 4 as a GPS device, helping him get around in his job. Now and then, his younger cousins get ahold of it, and play some YouTube videos and games.
6 hours ago |
5 / 5 (2) |
3
Planck mission steps closer to the cosmic blueprint
(PhysOrg.com) -- ESA's Planck mission has revealed that our Galaxy contains previously undiscovered islands of cold gas and a mysterious haze of microwaves. These results give scientists new treasure to mine ...
Slowing ocean current caused Earth to spin faster
(PhysOrg.com) -- Most people probably didn’t notice it, but back in 2009, the Earth spun around on its axis a tiny bit faster than usual, making for some slightly shorter days. It only happened for a ...
Fast photon control brings quantum photonic technologies closer
(PhysOrg.com) -- Using photons instead of electrons to transmit information could lead to faster and more secure ways to communicate, among other advantages. Now a team of physicists has taken another step toward realizing ...
New ability to regrow blood vessels holds promise for treatment of heart disease
(Medical Xpress) -- University of Texas at Austin researchers have demonstrated a new and more effective method for regrowing blood vessels in the heart and limbs a research advancement that could have ...
New European rocket lifts off on maiden flight
Europe on Monday successfully launched a new lightweight rocket carrying a test payload, culminating a more than 12-year quest to master the entire range of space launchers.
New molecule has potential to help treat genetic diseases and HIV
(PhysOrg.com) -- Chemists at The University of Texas at Austin have created a molecule that's so good at tangling itself inside the double helix of a DNA sequence that it can stay there for up to 16 days before ...
Jul 06, 2009
Rank: 5 / 5 (1)
Jul 06, 2009
Rank: 5 / 5 (1)
Jul 06, 2009
Rank: 5 / 5 (3)
Jul 06, 2009
Rank: not rated yet
Jul 07, 2009
Rank: 5 / 5 (1)
first off, the article states the typical method it uses to get tpeople to the site is a link in spam mail...
"Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail."
ok so thats ID10T user right fkn there right....
Second off, which the article doesnt provide enough info, depending on HOW it exploits IE and the OS, it may be preventable, however, IF the default security settings on the OS of any given windows version are not locked down enough out of the box, that could of course open MANY holes..
But before you no MS likers actually swear off of Microsoft, you should look at the abilities to lock down the OS (at least in the "professional", "business", "ultimate", and server editions of ever OS since Win2000)...most exploits can be prevented, as long as you know how youre being attacked :)
Jul 07, 2009
Rank: 5 / 5 (3)
LuckyBrandon, haven't you learned that here in the USA all the smart people are responsible for protecting the dumb people from themselves? That's why we have so many lawyers. LOL.
I know how to fix this.... send a spam email that goes to a site that explains to people (in simple terms) the dangers of clicking on links in spam emails. Oh, and put the words "Click me first" in the subjectline!!!! LOLOLOLOL :)
Jul 07, 2009
Rank: not rated yet
I like it Dig :D
Jul 11, 2009
Rank: not rated yet
I don't think Microsoft has a responsibility to protect people from their own stupidity; but I do think they have a responsibility to prevent their software from being weaponized into a platform for attacking and extorting innocent people.
Jul 12, 2009
Rank: not rated yet
Jul 13, 2009
Rank: not rated yet
Jul 15, 2009
Rank: not rated yet
evgen-if you put 20,000 linux systems out there in place of windows, i guarantee you that would not be a problem for long at all