According to reports by ZDNet, Microsoft warns of a potential problem with its graphics engine which may allow hackers to compromise the security of a logged in user and run codes which would allow the attacker to install programs to view, change or delete user data. The users with administrative rights would be more vulnerable than users with minimal rights. To date, there have been no attacks that MS is aware of.
The hacks are initiated when a user opens a web page which looks legitimate but is not. It can also happen when an innocent looking but malicious word document or other attachment is opened by the user.
MS says that those using Windows XP, Windows Server 2003, Vista and Windows Server 2008 with service pack 2 are affected. Windows 7 and Windows Server 2008 R2 are not affected.
Microsoft has a list of commands which can help modify the access control list or ACL to aid the user in becoming less vulnerable to viral and hack attacks.
For more details on this story and to obtain the ACL commands, please visit
http://www.zdnet.com/blog/security/microsoft-warns-of-unpatched-windows-flaw/7875.
No comments:
Post a Comment