Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Microsoft re-issues two patches

Patches from Ubuntu, Debian, Gentoo, others Microsoft: We took out Storm botnet CNN site hit by China attack, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 04/24/2008
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Critical holes newly fixed for Internet Explorer and Windows
Microsoft has re-issued two patches. One patch, originally issued during the April Patch Tuesday, is rated critical and affects all recent version of Internet Explorer. The vulnerability is known as the "data stream handling memory corruption vulnerability." It could enable remote code execution because of the way that IE processes data streams. If a user visits a Web page that exploits the vulnerability, it could allow the attacker to gain the same user rights as the logged-in user. Microsoft Subnet, 04/23/08.

Updated patch bulletins:

Sun Open Source Identity Management Guide: Download now

Vulnerabilities in .NET Framework Could Allow Remote Code Execution

Cumulative Security Update for Internet Explorer
**********

Related Content

Asterisk patches critical flaw
A flaw in the way the Asterisk PBX handle certain handshake sequences could be exploited to hijack calls. A fix is available.
**********

Two new updates from Ubuntu:

Gnumeric (buffer overflow, code execution)

Firefox (javascript flaw, code execution)
**********

Three new patches from Debian:

iceweasel (javascript flaw, code execution)

roundup (code injection)

ikiwiki (cross-site forgery)
**********

Four new fixes from Gentoo:

Openfire (denial of service)

VLC (buffer overflow, code execution)

DBmail (information disclosure)

CUPS (integer overflow, code execution)
**********

Today's malware news:

Microsoft: We took out Storm botnet
Microsoft today took credit for crushing the Storm botnet, saying that the malware search-and-destroy tool it distributes to Windows users disinfected so many bots that the hackers threw in the towel. Computerworld, 04/22/08.

Hackers jack thousands of sites, including UN domains
Large numbers of legitimate Web sites, including government sites in the U.K. and some operated by the United Nations, have been hacked and are serving up malware, a security researcher said today as massive JavaScript attacks last detected in March resume. Computerworld, 04/23/08.
**********

From interesting reading department:

FAQ: Windows XP SP3 ships - finally
Microsoft Monday finally slapped a "Done" sticker on Windows XP Service Pack 3 (SP3) and pushed it out the door. The designation of SP3 as RTM, for "release to manufacturing," wasn't much of a surprise, given how the company's schedule leaked last week. Computerworld, 04/21/08.

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed