Excerpts below from Wired.com concerning latest Microsoft patches.
Full article: wired.com
08:15 AM Sep. 15, 2004 PT
SEATTLE -- Microsoft released a patch for its latest "critical" rated security flaw affecting its Windows, Office and developer tools software programs, the company said Tuesday...
Microsoft, which now releases security bulletins and updates on a monthly cycle, said that its latest software flaw stems from the way its software processes images in the JPEG image format...
Users opening a file or viewing a specific image could be at risk if a hacker exploits the flaw and tries to gain access to a personal computer.
"The vulnerability could only be exploited by an attacker who persuaded a user to open a specially crafted file or to view a directory that contains the specially crafted image," Microsoft said in a statement, "There is no way for an attacker to force a user to open a malicious file." ...
The patch affects Microsoft's Windows XP, Office 2003, Project, Visio, Visual Studio, and other programs that handle JPEG images.
"The one thing that makes this a bit different is that it affects so many applications," said Craig Schmugar, a virus research manager at McAfee Inc. "Home users should definitely roll this (patch) out as soon as possible."
Regarding Office patch:
Microsoft released another patch on Tuesday rated "important," affecting software used to convert WordPerfect files within Microsoft Office. |
