February 9th will bring numerous Microsoft Updates, 13 bulletins addressing 26 vulnerabilities. All versions of Windows are affected. Looks like a busy Tuesday is ahead. See Microsoft’s Security Bulletin Advance Notification for February 2010 for additional details.
Microsoft has announced in Advisory (980088) that there has been a publicly disclosed vulnerability in Internet Explorer, versions 5 through 8. Users not running Internet Explorer in Protected Mode are at risk of having information, in files with predictable names, accessed by attackers. This vulnerability cannot be exploited to execute remote code or used for a denial-of-service attack. The largest group of users at risk are Windows XP users running IE without Protected Mode enabled. Internet Explorer on Vista and Windows 7 has Protected Mode enabled by default. ...
Valentines Day is coming and people are getting ready with preparation and plans to gift some thing different to their loved ones. In this race how can Windows stay behind? So it has released an official Valentine theme to change you desktop to a festive mood. Here is a screen shot of this theme. You do not need any other modification to install this theme as it is not a third party theme. This theme also includes complete sound pack, to move you with the rhythm. Just download the theme and double click it. ...
Microsoft Corporation has almost started assembling the final build of Office 2010 aka (MS office 14) RTM version. As per the news leaked on Wzor, Development of OFFICE 2010 software package has come to its last stage.The build is codenamed as Escrow with build number 14.0.4734.1000 According to Wzor, This RTM Escrow Build 14.0.4734.1000 has already been circulated within Corporation and is available to company employees and partners. Few days before, when Build 14.0.4730.1007 was leaked on Torrent network, its EULA (License Agreement) read that its a RTM version but apparently it was just a Pre RTM build. Testers are still working on it and if there no problems, it will move to RTM version. ...
I am a very lucky guy. In fact, I must be the luckiest person in the world since spammers like to send all kinds of lucky spam to me. These days, I get inundated with lucky spam. The last spam I had, I got offered a free gift card if I purchased some Viagra from them. Wow. On other days, asking me to lose my weight results in instant chances of winning a lottery at the same time and all of this is due to my lucky email address. ...
But don’t. Please don’t!… just…. don’t!… Instead, why don’t you apply the out-of-band patch ( MS10-002 ) that Microsoft has just released…?!!! Patching remote-code-execution vulnerabilities is usually “a good idea” to say the least. But, considering that: Microsoft rushed to get this patch out…… ( Thank you Microsoft! ) And that, this patch addresses several Internet Explorer vulnerabilities – of which includes CVE-2010-0249 – the infamous “Aurora attacks” related vulnerability that’s well known to be making the rounds in the wild. ...
Early this afternoon Microsoft released an out-of-band security bulletin patching the vulnerabilities in Internet Explorer. The fix has been at the top of the news since the vulnerabilities it treats are believed to have led to the compromise of Google and about 30 other companies last week in what has been called the “Aurora” attack. The governments of France and Germany suggested that Internet users switch to a different browser until the vulnerability was fixed. ...
Microsoft is releasing an out-of-band update for their IE vulnerability. Internet Explorer 6 is affected and is being actively exploited in the wild. The patch will be released on the 21st, today, see Microsoft’s Security Bulletin for additional details. Also in Microsoft news, Security Advisory (979682). There’s a vulnerability in Windows kernel privilege escalation. The vulnerability affects all versions of Windows (NT 3.51 up to Windows 7), on non x64-based systems, unless 16-bit application support is disabled. ...
Microsoft has said it will issue an out-of-band patch today for critical vulnerabilities in Internet Explorer that allow remote execution of code. The company said yesterday it would not wait until the February “Patch Tuesday” to fix the vulnerabilities. The much discussed “Aurora” vulnerabilities in IE have been held at least partially responsible for cyber attacks on Google and more then two dozen other major companies. The attacks on Google were aimed at Gmail accounts of dissidents and Google’s source code. The attacks on the other companies were aimed at stealing intellectual property. ...
This Black Tuesday was different as anticipated – Microsoft releases only one security bulletin, but other companies “jumped in” and deliver updates now as well. For the windows operating systems, only one Security Bulletin was released. MS10-001 deals with a vulnerability in the decompression routines of the Embeded OpenType Font Engine. This means that especially in Windows 2000, programs like Internet Explorer, Word or PowerPoint for example which render EOT fonts can put the system at risk when viewing manipulated contents. In newer operating systems the flawed code is used differently so that Microsoft assumes that it isn’t exploitable there. ...