All the latest UK technology news, reviews and analysis
|
|
|
11 Jan 2006
Even as Microsoft was releasing its latest batch of patches, two previously undocumented Windows Meta File (WMF) flaws have been exposed.
The new vulnerabilities were discovered by a computer enthusiast known as 'cocoruder' and affect all Windows operating systems beyond Windows 95.
The flaws are in the Graphics Rendering Engine and could allow a hacker to exploit a memory overrun and crash a PC.
"Our initial investigation has found that these are not security vulnerabilities but rather performance issues that could cause an application to stop responding," said Microsoft in a statement.
"These issues do not allow an attacker to run code or crash the operating system. They may cause the WMF application to crash, in which case the user may restart the application and resume activity.
"Microsoft had previously identified these issues as part of its ongoing code maintenance and is evaluating them for inclusion in the next service pack for the affected products."
The flaws were posted on the Bugtraq mailing list, and code purporting to exploit the flaws appeared shortly afterwards.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Credit Risk Modeller, SAS, London, £50,000 Title- Credit...
My London client is looking for an experienced Programme...
My leading client is looking for a number of excellent...
My client, a leading international name in Manufacturing...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Deficient software
Perhaps its time that Operating System development was taken out of the hands of commercial companies and treated as a public service. Then we could have the efficiencies of a user friendly, non-profit making service such as the IR or NHS to look after us. Doh!
Posted by: Chris Hibbert 12 Jan 2006
Deficient software
I keep wondering when there will be a class-action lawsuit brought by business and users the world over. Microsoft releases software with too many known flaws, because making their own money, regardless of the expense to all of us in the way of frequent software slowdowns, "blue screens of death," and easy exploits that have us all afraid to even read e-mail must cost billions of dollars in productivity each year. Companies have to hire entire IT departments just to keep Windows up and running and viruses that can cripple the Windows operating system from ruining everyone's work. Yet Microsoft keeps getting away with this shoddy and irresponsible peddling of inferior products as though they are they only choice we have. ugh... More money probably goes into marketing this crap than in fixing bugs or better, redesigning the entire architecture responsibly, so viruses can't take over our computers. But that would cost them time and money, and of course, that isn't what they most want to do. It's really disgusting. Microsoft spokespeople have the nerve to say "all you have to do is restart your computer and resume..." Yeah. After you do that a bazillion times, it becomes a more than a simple procedure. It can be responsible for many lost hours of productivity in the end.
Posted by: Melanie 11 Jan 2006