You are here: Home / Archives for critical patch

Microsoft issues ‘critical’ patch for shortcut bug | BBC News

August 2, 2010 By Leave a Comment

Microsoft has issued a “critical” security update to fix a flaw in the way Windows handles shortcuts.

The bug allowed attackers to craft booby-trapped shortcuts that allow them to take over a target computer.

Many users set up shortcuts to get to programs and places in Windows that they use regularly.

Microsoft said it released the patch because it had seen an increase in the number of attacks on the vulnerability.

The fix will be sent out to those that automatically update their machines. It will also be available via the Windows Update site.

via BBC News – Microsoft issues ‘critical’ patch for shortcut bug.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

Microsoft fixes 8 IE holes, including one used in attacks | InSecurity Complex – CNET News

January 21, 2010 By Leave a Comment

Microsoft on Thursday issued a cumulative critical patch for Internet Explorer that fixes eight vulnerabilities, including a hole targeted in the China-based attacks on Google and other U.S. companies.

The security update is rated critical for all supported releases of IE 5, 6, 7, and 8, according to the advisory. The more severe vulnerabilities could allow remote code execution if a user views a malicious Web page using IE, it said.

This IE security update was already planned for release on the next scheduled Patch Tuesday (February 9), Jerry Bryant, senior security program manager at Microsoft, said in a blog post.

Microsoft has known about the hole for at least four months, after it was privately disclosed it to the company, Bryant said.

“When the attack discussed in Security Advisory 979352 was first brought to our attention on January 11, we quickly released an advisory for customers two days later,” he wrote. “As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September.”

via Microsoft fixes 8 IE holes, including one used in attacks | InSecurity Complex – CNET News.

Filed Under: Tech Bytes Tagged With: , , , , , , , , , , ,