Severity: Medium 12 July, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted WINS messages and enticing users to open malicious documents Impact: Various. In the worst case, an attacker can gain control of your Windows … [Read more...]
Microsoft Black Tuesday: Updates for Mangled Office Documents and Malicious WINS Messages
Unless you're one of the eagle-eyed viewers that caught Microsoft's slip last Friday, today is the first day you get to see this month's batch of MS product patches. As expected, Microsoft only released five Important updates for Windows and Office products this month. While none of the updates fix overly critical issues, I'd still recommend you try to install them at your … [Read more...]
Nasty WINS Messages Hijack Windows Servers
Severity: High 10 May, 2011 Summary: These vulnerabilities affect: Windows Server 2003 and 2008 How an attacker exploits them: By sending specially crafted WINS packets Impact: An attacker can gain complete control of your Windows computer What to do: Install the appropriate Microsoft patches as soon as possible, or let Windows Automatic Update do it for you. Exposure: As … [Read more...]
Microsoft Black Tuesday: WINS and PPT Code Execution Flaws
May Patch Day is live, so go grab Microsoft's latest security updates. According to the May summary bulletin, Microsoft released two security bulletins containing software updates for Windows and Office. One update fixes a critical code execution in the Windows WINS services. Though Windows doesn't enable this service by default, most administrators do run it on their Windows … [Read more...]