what is the word
Subscribe About Mail us
SciTech News - Microsoft could issue emergency patch for Trojan exploit

Microsoft could issue emergency patch for Trojan exploit
WASHINGTON - There's yet another attack on the Internet Explorer and this could prompt Microsoft to issue a patch earlier than the monthly patch cycle slated to be released on December 13. The flaw in the IE is related to the way that Windows presents certain graphics files. WASHINGTON - There's yet another attack on the Internet Explorer and this could prompt Microsoft to issue a patch earlier than the monthly patch cycle slated to be released on December 13. The flaw in the IE is related to the way that Windows presents certain graphics files.

Microsoft said that it was aware of the flaw and that the exploit code had been posted on the Internet. "Microsoft is aware that detailed exploit code has been published on the Internet for the vulnerability that is addressed by Microsoft security bulletin MS05-053," said a spokeswoman fro Redmond, adding that as of now no attacks using the code had been intimated to the company.

"Initial investigation of this exploit code has verified that successful exploitation could lead to a denial-of-service attack...not remote code execution," she stressed. The critical flaw that was announced by Microsoft last month has been rated "low" by the company, but if there are any reports of attacks then they would have to patch it up immediately.

The update referred to by the company spokeswoman was about the patch released by Redmond to fix the handling of the Windows Metafile and Enhanced Metafile image formats. Microsoft said that using that particular flaw, a hacker could trick Windows users into clicking on images that linked to "spoof" websites. Security analysts say that the fact that the exploit code has been posted on the Net may be an indicator of an imminent attack.

The SANS Internet Storm Center has asked users to turn off the JavaScript in order to avoid being infected. It has emerged that Microsoft has been unable to patch up flaws of this particular variety despite being aware of it since May.

The Microsoft spokeswoman said that a patch was being readied but, "There are many factors that impact the length of time between the discovery of vulnerability and the release of a security update and every vulnerability presents its own unique challenges."
Written by : Paco Tyee | Published on : 11:06:00 EST Fri, 02 Dec 2005
Of interest »
» Microsoft unveils security suite
» Exploit code out for 'Extremely Critical' Internet Explorer flaw
» Grief shared by the World as aid pours in for quake hit South Asia
» Sony's copy-protection software found to be virus transmitter
» Google issues patches to cover security flaws in Google Mini

New News »





Something to say?

Title
Your Name

Your Email


Enter this code Below

  


© 2006 What is the word | All Rights Reserved
RSS Channels » Money | Showbiz | SciTech | Lifestyle | Travel | USWorld