Tag: microsoft
-
Microsoft research revives ‘friendly worm’ ideas
Malware techniques proposed as update-spreading method. A group of Microsoft researchers have put forward proposals to use worm techniques to spread patches and updates across networks, reopening an age-old debate on the possibility of ‘beneficial malware’. The research, to be presented at the INFOCOM conference in April by a team from Microsoft ‘s Cambridge, UK,…
-
Bumper Patch Tuesday short of one patch
Excel remains vulnerable as expected fix is dropped. Microsoft has issued its monthly ‘Patch Tuesday’ set of security updates, with a larger than usual crop of patches for a variety of products, including several for the Office range and Internet Explorer browser. However, one significant patch – for a vulnerability in Excel – was withdrawn…
-
Live Mail CAPTCHA system bypassed
Spammers use botnet to register accounts on popular free webmail service. Spammers have written a program that cracks the CAPTCHAS used by the Windows Live Mail registration system. The program, thought to have been installed on a large botnet of compromised systems, enables the automated creation of email accounts which can then be used to…
-
Microsoft alert on Excel vulnerability
Targeted exploitation of zero-day flaw seen in wild. Microsoft has issued a security advisory on an unresolved vulnerability in its Excel software, which has been reported as a vector for targeted attacks in the wild. Few details have emerged on the exact nature of the flaw, but it is known to affect several versions of…
-
Four IE bugs fixed by Patch Tuesday release
Seven updates, three critical in monthly security update. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin, featuring seven updates of which three are marked ‘critical’ and cover flaws which could allow remote execution of code if exploited on vulnerable systems. The critical issues are with DirectX , Windows Media Format and Internet Explorer ,…
-
Five-year-old design flaw found in all Windows versions
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw in Windows that could potentially affect millions of users. Said flaw seems to have been first discovered and, apparently, fixed more than five years ago, but this fix has turned…
-
Two fixes released on lightweight Patch Tuesday
Monthly security update covers just couple of dangers. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin, with only two patches issued, one rated ‘Important’ and the other ‘critical’. The more serious flaw, a problem with URI validation, has been publicly disclosed and can be used to remotely compromise a system. While exploitation methods have…
-
Microsoft unveils January-June threat report
Security analysis shows rise in vulnerabilities, trojans and scamware. Microsoft has released its latest ‘Security Intelligence Report’, covering the first half of 2007, showing a steady increase in reports of software vulnerabilities, ‘potentially unwanted’ applications and trojan activity. The study found vulnerabilities continuing in an upward trend lasting since 2003, with high-severity flaws rising most…
-
4 out of 5 critical issues fixed on Patch Tuesday
Expected patch omitted from monthly security update. Microsoft has announced the contents of its monthly ‘Patch Tuesday’ security update release, with four ‘Critical’ and two ‘Important’ fixes pushed out to users of its operating systems and software. A fifth issue, labelled ‘Critical’ in the advance notification released last week, remains open as the expected patch…
-
Microsoft files further adware patent
User behaviour monitors could be used to target ads. Following a patent application disclosed some months ago , details have been released of another adware scheme patented by Microsoft . This time, the idea is to monitor the behaviour of users to deduce the kinds of advertising that would be most effective at any given…