Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Two critical MS patches

Two critical MS patches

by Ivana Strahija on May 10th, 2006 The regular Microsoft patch Tuesday brought three patches, two of which are critical. The vulnerabilities allow remote code execution, so donít forget to patch up.


The most serious of the threesome is the bug in Microsoft Exchange and its calendar function: -An attacker could exploit the vulnerability by constructing a specially crafted message that could potentially allow remote code execution when an Exchange Server processes an email with certain vCal or iCal properties, says the Microsoft vuknerability advisory.

The second flaw addressed in the Tuesday patch bundle is in fact one that has been already long patched: Adobe Macromedia Flash Player had a problem with handling of SWF files. Maliciously crafted SWF's could lead to remote code execution. Only users of versions 6 and prior need this update.

The last piece of the bundle is a moderate vulnerability in Microsoft Distributed Transaction Coordinator which would allow a malicious attacker DoS the infected system.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »