Summary: This vulnerability affects: The email client shipping with any current version of Windows (whether it's Outlook Express or Windows Mail) How an attacker exploits it: By enticing one of your users to connect to a malicious POP3 or IMAP email server (or by performing a man-in-the-middle attack) Impact: An attacker can execute malicious code, potentially … [Read more...]
Microsoft's Windows 2000 Media Services update doesn't really fix the security flaw
Last Week, the Microsoft Security Response Center released a blog postwarning that they had pulled the MS10-25 security update because essentially, it didn't work. MS10-25 was supposed to fix a critical buffer overflow vulnerability in Windows Media Servers; the on-demand streaming services that ships with Windows 2000. By sending a specially crafted packet to your Windows … [Read more...]
Beware Malicious Publisher and Visio Documents
Summary: These vulnerabilities affect: All current version of Microsoft Office Publisher and Visio How an attacker exploits them: By enticing you to open maliciously crafted Publisher or Visio documents Impact: An attacker can execute code, potentially gaining complete control of your computer What to do: Install the appropriate Office Publisher and Visio patches … [Read more...]
Microsoft Exchange and Windows SMTP Service DoS Vulnerability
Summary: This vulnerability affects: All current versions of Exchange Server and many versions of Windows How an attacker exploits it: By sending specially crafted network traffic (malicious DNS MX record responses) Impact: Multiple impacts, in the worst case an attacker can crash your mail server, preventing you from receiving email What to do: Deploy the … [Read more...]
Eight Microsoft Windows Bulletins Close Over 20 Security Holes Bulletins Affect SMB Client, WMP, the Kernel, and More
Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network packets, or enticing your users to open malicious media Impact: Various results; in the worst case, an attacker can gain complete control of your Windows … [Read more...]