
Sunday, August 13, 2006

Computer Business Microsoft Fixes Critical Remote Code Execution Vulnerabilities

Computer business Microsoft recently announced 12 fixes, nine of which were critical, in its monthly patch release last Tuesday. The nine critical patches fixed flaws allowing attackers to remotely execute malicious code.

The most important patch deals with a flaw in the Windows Server Service (MS06-040). Experts at the security research firm Nevis Networks stated the flaw doesn’t require user interaction and might enable an attacker to get total control over a system, allowing attackers to change or delete data and create full-access accounts.

Still another patch (MS06-048) released by the computer business repaired two different remote code execution issues in PowerPoint, one of which was a vulnerability that cropped up just after last month’s release of flaws. The attack has to do with a Trojan horse called Trojan PPDropper B, originally transmitted in an email from Gmail that probably started in Asia.

The problems recently disclosed by computer business Microsoft can be taken advantage of by creating a PowerPoint file with faulty code and asking the target to click on an email link, giving the attacker total control over the machine and the ability to add users. Still, the attacker would have to be logged in and have full system privileges to have an effect.

Hackers would also be able to use a flaw in Outlook Express (MS06-043) because of the manner in which Windows parses MHTML.

Experts state that no company should take this recent release by the computer business lightly. While some of these exploits may not initially seem to affect many systems, they can easily take over a network and cause serious problems. It is expected that the recent zero-day trend that came about after the new Patch Tuesday will continue as the patches are tweaked.

Blogged By: Computer Consulting 101