Users login

Create an account »


Users login

Home » Hacking News » Microsoft patches away

Microsoft patches away

by Nikola Strahija on February 15th, 2006 The Microsoft's monthly update brought fixes for seven vulnerabilities in Windows and its various parts. Five advisories are rated important while two are deemed critical.

The biggest news is, of course, patch for Windows media player, solving the critical vulnerability in its Graphics Rendering Engine that could allow for remote code execution.

Someone targeting that flaw could exploit the vulnerability by constructing a malicious bitmap file that allows remote code execution if a user visits a malicious Web site or views an e-mail message, Microsoft said.

The second critical patch is rather a bundle put together for the buggy Internet Explorer, including a remote execution issue in WMF files.

Microsoft said an attacker could potentially exploit the flaw by constructing a WMF image that allows remote code execution when an Explorer user visits a malicious Web site, opens or previews an e-mail message, or opens a specially crafted attachment in e-mail meant to target the vulnerability.

Other updates are taking care of WMP vulnerability related to the manner in which WMP's plug-in handles malformed EMBED elements, PowerPoint presentation software that could allow for unintended information disclosure by users, Windows XP and Windows server software related to its Web Client Service, and another related to those products' TCP/IP settings, both of which could allow for denial-of-service attacks on Web sites.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »