What's frustrating about this is that Works often ships with lower-end computers, like those in use by students or as home computers. For the enterprise, this shouldn't be a huge threat -- even though there is no fix for it yet, just a warning from Microsoft on how to avoid it. The vulnerability is within an ActiveX control for the Works' Image Server, says McAfee analyst Kevin Beets.
A PC would need to visit a Web site engineered to exploit the flaw, and agree to download the ActiveX component. But we are all fairly well trained to ignore computer system warnings these days, so it's likely that users would accept the bad component.
Go to the Microsoft Subnet home page for more news, blogs, podcasts.
The Microsoft Subnet blog is the official blog of the Network World's Microsoft Subnet community, managed by editor Julie Bort. Microsoft Subnet is the independent voice of Microsoft customers and is your gateway to daily Microsoft news, blogs, opinion, books, prize giveaways and more. Visit the Microsoft Subnet index page daily, and while you are there, subscribe to the Microsoft newsletter. The newsletter includes news generated by the Microsoft Subnet community as well as other Microsoft news stories published by Network World.
|
|
