'Critical' Windows Hijack Flaw Reported

KingFishKingFish
edited April 2004 in Science & Tech
Security researchers have discovered a serious boundary error vulnerability in multiple versions of Microsoft's Windows platform and warned that attackers could hijack systems via Windows Explorer and Internet Explorer (IE).
Rodrigo Gutierrez, a researcher with Trustix AS, notified Microsoft of the flaw with a warning that it could be exploited by malicious attackers to cause a buffer overflow and lead to system takeover. Microsoft confirmed Gutierrez's findings in an advisory and recommended users install the latest service packs for Windows XP and Windows 2000. The software giant said the hole was fixed in the service packs but independent security consultants Secunia said the vulnerability "has been confirmed on fully patched systems running Windows XP and Windows 2000."
OK, where's the patch for the patch on this one? -KingFish

Source: InternetNews

Comments

  • JengoJengo Pasco, WA | USA
    edited April 2004
    hmm....

    i wonder what they are gonna do about this one...
  • KingFishKingFish
    edited April 2004
    Well it puts a dark cloud over their security initiative if their patches aren't even doing the job. This is definitely bad news for microsoft. It's one thing to have a problem and having to fix it. It's much worse of a problem if the fix doesn't work. Microsoft had better not rest on its laurels on this issue and get out a quick, solid response.

    KingFish
Sign In or Register to comment.