Microsoft Fixes Critical Windows Image Flaw
- 11 March, 2009 05:42
- Comments
Microsoft Tuesday fixed a hole that could hand over control of your PC to an attacker if you view one poisoned image on a Web site or in an HTML e-mail. Similar flaws have been heavily targeted by online crooks in the past.
The flaw, MS09-006, involves the way the Windows kernel handles WMF and EMF (Windows Metafile and Enhanced Metafile) images. Simply viewing such an image on an unpatched PC would allow an attacker to execute any command, such as downloading and installing malware, and the risk is rated critical for Windows 2000, XP, Server 2003, Vista and Server 2008.
Mike Reavey, a Microsoft Security Response Center directory, says in an explanatory video that this flaw is "probably of interest to all customers using Windows," but that it "probably won't be reliably exploited." However, similar-sounding prior flaws with metafiles were widely targeted, and neither Reavey nor the bulletin says why this one might be any different. So play it safe and be sure to get this patch via automatic updates, and get more info from Microsoft's bulletin.
A second fix (MS09-007) in Microsoft's Patch Tuesday patch batch fixes a problem in the Microsoft Windows SChannel authentication component for Web sites. The hole could allow a bad guy to pretend to be a real user if the crook got his hands on the public portion of the user's authentication certificate, where normally a public and private component are required. The spoofing risk is only rated important, not critical, for Windows 2000, XP, Server 2003, Vista and Server 2008.
The third security fix for this month affects DNS and WINS servers. IT admins will need to apply the patch or risk DNS cache poisoning, an attack that has been successfully used in the past to force entire networks to visit a malicious Web site. See the MS09-008 bulletin for more info, and as with the other two patches, get the fix by running automatic updates.
- Bookmark this page
- Share this article
- Got more on this story? Email Computerworld
- Follow Computerworld on twitter
- Microsoft Security Bulletin MS09-006 - Critical: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
- The Microsoft Security Response Center (MSRC) : Security Bulletin Overview Video - March 2009
- Microsoft rushes out patch for WMF flaw
- Microsoft Security Bulletin MS09-007 - Important: Vulnerability in SChannel Could Allow Spoofing (960225)
- Slideshow: How DNS cache poisoning works
- Microsoft Security Bulletin MS09-008 - Important: Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)
- iPhone 5 rumour rollup for the week ending February 10
- 3D mapping revives underwater city
- Academic challenges Turnbull over NBN satellite criticism
- What are you saying: Telstra’s customer service slowly improving, SA minister urging Facebook to overturn its photo ban
- In pictures: Capgemini opens new Canberra office
-
IPv6 Forum chief: the new Internet is ready for consumption
-
After Megaupload shuts, BTJunkie follows
-
Windows Event Viewer phishing scam remains active
-
NeuroSky MindWave: Fun with Brainwaves
-
20 popular Ubuntu Linux apps you may want to try
-
Office 2007 All-In-One Desk Reference for Dummies
-
Office 2007 for Dummies
-
MYOB Software for Dummies 6E Australian Edition
-
Windows 7 for Dummies® Dvd+book Bundle
-
Windows 7 for Seniors for Dummies®
-
Windows 7 for Dummies®
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Microsoft Office
-
Teach Yourself Visually Windows 7
Comments
Post new comment