Microsoft Corp. confirmed today that Windows, including Vista, contains a critical unpatched vulnerability that can be used by attackers to usurp PCs when users surf to malicious sites.
In a security advisory posted this morning, Microsoft’s Security Response (MSRC) team acknowledged a bug in Windows’ animated cursor, a component that lets developers show a short animation at the mouse pointer’s location. Animated cursor files typically use the .ani extension, but the MSRC warned that hackers might disguise malicious animated cursors with other extensions. The SANS Institute, in fact, said it had received reports of in-the-wild exploits using files renamed to .jpg. Read More»
Posted in Software, Windows Vista | No Comments »
February 27, 2007 by
Jason Microsoft is investigating two recently disclosed security vulnerabilities that affect Internet Explorer 7 and Windows Vista, the company said Monday. The vulnerabilities aren’t considered high-risk, yet they affect the latest releases of Microsoft’s Web browser and operating system software.
Microsoft has promoted the security of both IE 7 and Windows Vista. The flaws could let attackers get their hands on sensitive user information, security experts have warned. The French Security Incident Response Team said in an alert that the IE vulnerability, which also affects IE 6, could be exploited in phishing attacks, scams that try to trick people into giving up sensitive information such as credit card data and Social Security numbers. Read More»
Posted in Software, Windows Vista | 5 Comments »
