- Recommend:
- 0 Comments
Microsoft Patches Critical Windows Flaw
Security hole could allow an attacker to delete files on affected PCs.
Microsoft said users of its Windows Millennium Edition operating system risk having their files deleted by an attacker because of what it called a critical security vulnerability. It issued a patch for the flaw Wednesday.
It has issued a patch for the Windows Me Help and Support Center where the URL handler for the "hcp://" prefix, used to access the center, contains an unchecked buffer.
An attacker could create a URL that executes his or her code on the user's computer and gives access to local files, which can then be added to, deleted, or modified. The false URL could be placed on a Web page or e-mailed to the intended victim, Microsoft said.
E-Mail Attacks
The severity of e-mail attacks would depend on the e-mail client being used. Outlook Express 6.0 or Outlook 2002 in the user's default configurations, or Outlook 98 or 2000 in conjunction with the Outlook Mail Security Update, would stop automated attacks, but the user is still vulnerable if they click on the link in an e-mail.
If the user had another e-mail client, the attack could be triggered automatically, Microsoft said.
In order for an attacker to be successful they would have to lure users to their own Web site or send them an HTML e-mail. If the user is running Internet Explorer 6.0 Service Pack 1, the Help and Support Center function cannot be started automatically in Outlook Express or Outlook, Microsoft said.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
Lenovo IdeaPad
See why the IdeaPad tablet is optimized for ultimate entertainment.
-
Stellar Tech Deals
Don't miss out on great deals from around the web.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
-
Free Outlook Add-In PocketKnife Peek Reveals Hidden Info
-
Help Solve the Outlook 'General Failure' E-Mail Error
-
eM Client: Affordable Alternative to Microsoft Outlook
-
Add a Tabbed E-Mail View to Microsoft Outlook
-
Porn Site Users Beware: LulzSec Posts Your E-mail Address
-
Patch Tuesday Fixes Critical Bluetooth Flaw in Windows 7
-
Microsoft Outlook Social Connector Folds Facebook and LinkedIn Into Outlook
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
Put Linux on a USB Drive, Bypass Windows Updates
-
Valentines for Your Sweetheart Window 7 Theme
-
How Do I See Who's Been Using My PC?
-
How to Reset Your Windows Password
-
Windows 8 for ARM Devices: How it's Distinct
-
Microsoft Readies Valentine's Day Windows Patches
-
How to Set Up a Wireless Router
-
Microsoft Details Windows 8 for ARM Devices
-
How to Run Android Apps on Your PC
-
Windows 8 Consumer Preview Release Date: For Microsoft, It's All About Mobile
-
Shut Down Windows Without Installing Updates
-
How to Format Your Hard Drive in Windows
Ad Choices