Fix for latest Microsoft flaw
p2pnet.net News:- For the second time in two weeks security professionals have, “released a third-party fix for a Windows flaw that is actively being used in cyberattacks,” says ZDNet News.
“The group, calling itself the Zeroday Emergency Response Team, or ZERT, created the patch so Windows users can protect their PCs while Microsoft works on an official update,” says the story. “People have a choice of third-party fixes.”
Affected are Windows 2000, Windows XP and Windows Server 2003, and the flaw could be exploited via the Internet Explorer Web browser through WebViewFolderIcon, Microsoft revealed in a security advisory.
Security experts consider the flaw to be critical because it could be exploited by attackers to run unauthorized code on a victim’s PC, says Computerworld, adding, “Security researcher HD Moore published details of the bug on July 18, but he recently added attack code that exploited the flaw to his widely-used Metasploit hacking toolkit.”
Microsoft plans a fix for October 10, “its regularly scheduled patch day, it said last week,” says ZDNet.
So until then, uses can go fish, although, “With attacks mounting, the company might be forced to issue its patch sooner,” says the story, adding, “On Tuesday Microsoft rushed out a fix for the VML flaw, which was also being exploited in attacks and for which ZERT also released a patch.”
Also See:
ZDNet News – Second third-party fix out for Windows bug, October 1, 2006
Computerworld – Determina patches latest Microsoft flaw, September 29, 2006
p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile – http://p2pnet.net/index-wml.php
