TELECOM Digest OnLine - Sorted: New Microsoft Patches Already Getting Exploited

New Microsoft Patches Already Getting Exploited

News Wire (
Wed, 13 Jul 2005 19:49:22 -0500

Microsoft warns of software flaws in Word, Windows.

Microsoft Corp. warned users on Tuesday of three new security flaws in
its Windows and Word software and issued patches to fix the flaws,
which could allow attackers to take over a computer system.

All three of the "critical"-rated security patches could potentially
allow an attacker to take control of a personal computer and use it to
steal data or launch other attacks, said Stephen Toulouse, a manager
at Microsoft's Security Response Center.

"The key thing is really that we want to make people understand the
risk with these flaws and that they enable automatic updates," said
Toulouse, referring to a feature in Windows that downloads and
installs the software patches automatically.

Two of the flaws are related to imaging technology used by Windows,
which could potentially allow an attacker to take control of a system
simply by having the user view a digital image that contains software
code that exploits the flaw, which could be installed on a computer
without the user's knowledge.

"Simply by viewing one of these malicious images you can become
infected with anything from adware and spyware to any other suspicious
code," said Oliver Friedrichs, senior manager at Symantec Corp.'s
Security Response Center.

"We've really seen a proliferation of Web sites that exploit these
types of software flaws," said Friedrichs, who recommended users
install the patches from Microsoft and keep their anti-virus and
security software up-to-date.

The Word flaw, which affects various versions of the word-processing
program released in 2000 and 2004, could let an attacker take over a
personal computer if a user opens a document file containing software
code designed to exploit the flaw.

Microsoft issued the patches as part of its monthly security bulletin,
which it adopted in 2003 to make it easier for users and computer
system administrators to install patches and keep track of
vulnerabilities in Microsoft's software.

Users can also download the patches to fix the software flaws at

Microsoft, based in Redmond, Washington, has been working for the last
three years to improve the security and reliability of its software
under its Trustworthy Computing initiative, as more and more malicious
software targets weaknesses in Windows and other Microsoft software.

Copyright 2005 Reuters Limited.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at . Hundreds of new
articles daily.

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Elizabeth Millard: "Microsoft Patch Tuesday Has Critical Side"
Go to Previous message: "Re: Bell South Plans Number Changes in Florida"
Next in thread: Barry Margolin: "Re: New Microsoft Patches Already Getting Exploited"
May be reply: Barry Margolin: "Re: New Microsoft Patches Already Getting Exploited"
TELECOM Digest: Home Page