Browse by Topic Home News Hardware Reviews Software Reviews How-To
Videos Downloads Shop & Compare CommunityBusiness house insurance Subscribe to magazine
Magazine
Subscribe & Get
a Bonus CD
Customer Service
Find a Review
Holiday emo clothes Guide 2008 Audio & Video Business Center Cameras Cell
Phones & PDAs Communications Components & Upgrading Desktop PCs DVD &
Hard Drives Gaming Hardware & Software HDTV Laptops Macs & iPods
Monitors Printers Spyware & Security The PCW Test Center Windows Vista
& XP Resource CentersDLP® HDTV ShowroomDuracell Technology CenterIntel
Technology CenterLenovo Laptop ShowcaseLexmark WiFi Printers Most
Popular Search Terms
* Laptops
* iPod Nano
* Backup
* Printers
* Memory
* Tablet
* Wireless
* Storage
Most Popular Products
* Sharp AQUOS LC-52D62U 52" LCD HDTV
* Canon PIXMA MP600 All-In-One Inkjet Printer
* Sony Bravia KDL-40V2500 40" LCD HDTV
* Samsung LN-S3251D 32" indie clothing HDTV
* Vizio L37 37" LCD HDTV
Most Popular Downloads
* Spybot Search & Destroy
* Windows Movie Maker
* AVG Anti-Rootkit
* DVD Shrink
Free NewslettersReceive the latest reviews, how-to's, news, and more.
Weekly Brief Daily Downloads Daily Technology News Go
volvo insurance See All Newsletters
WiFi Finder
Locate wireless services by a specific address,
city, state, country, airport, or zip code.
* Get Connected Now
RSS FeedsGet our latest content via convenient RSS feeds. mandarin tutor chicago News
Today @ PC World
* See All RSS Feeds
Become a PCW MemberJoin the community and start enjoying the benefits:
* Get tech advice from thousands of PC World Members
* Rate custom poker cards recommend the latest tech products
* Share your thoughts in blog and article comments
* Get free excerpts and exclusive discounts on Super Guides
Signing up is free and easy. cheap house insurance More About: Windows Bugs • Windows
Patch Tuesday: Microsoft Fixes Critical Windows Bug
ford insurance The November security updates fix the so-called URI problem, a
critical Windows bug that has been exploited by online emo style -----------------------------------------------------------------
Robert McMillan, IDG News Service
Tuesday, November 13, 2007 12:00 PM PST Recommend this story? Yes No
Please Wait...
Microsoft has released its November security updates, fixing a
critical Windows bug that has been exploited by online criminals.
Microsoft released just two security updates this month, but security
experts say that IT staff will want to install both of them as quickly
as possible. The MS07-061 update is particularly critical because the
flaw it repairs has been seen in Web-based attack code, said Amol
Sarwate, manager of Qualys's vulnerability research lab. "This was a
zero day [flaw] that was being used in the wild by hackers," customized playing cards said.
The flaw has to do with the way Windows passes data full color custom playing cards applications, using a technology called the URI (Uniform Resource
Identifier) protocol handler. This is the part of Windows that allows
users to launch applications -- an e-mail or instant messaging client,
for example -- by clicking on cheap car insurance Web link. Because Windows does not
perform all of the security checks necessary, hackers found ways to
sneak unauthorized commands into these Web links and the flaw could be
exploited to install unauthorized software on a victim's PC.
This type of flaw lies in both Windows and the programs being launched
by the Web link and Microsoft had initially said that it was up to
third-party software developers to fix the issue. It later reversed
this position and decided to fix the flaw in Windows as well. These
URI protocol handler chinese lessons chicago have turned up in Adobe, Firefox and
Outlook Express.
Microsoft was forced to revise its position on the URI bugs after
researchers discovered that independent clothing were far more problematic than first
thought, said Nathan McFeters, a security best car insurance with Ernst &
Young, promotional playing cards has been studying this problem. "I think that early on it
wasn't clear that this was an issue," he said via e-mail. "There's
really a handful of issues with this URI use and abuse stuff."
Microsoft's patch for this problem indie clothes rated critical for Windows XP
and Windows Server 2003 users, but the bug does not affect Windows
2000 or Vista, Microsoft said.
The second vulnerability, rated streetwear clothing by Microsoft, has to do
with Windows DNS (Domain Name System) servers, which are used to
exchange information about the location of computers on the Internet.
Attackers could exploit this flaw life insurance redirect victims to malicious Web
sites without cards playing custom knowledge, something known as a "man in the
middle" attack. "All system administrators should look very closely at
this vulnerability," Sarwate said. "I would have personally rated it
as critical," he said.
poker shape playing cards experts were surprised that Microsoft did not include a patch
for a known vulnerability in some Macrovision antipiracy software that
has been shipping with Windows for the last few years. Microsoft has
said that it plans to patch the problem and that it is motorcycle insurance of
"limited attacks" that exploit this vulnerability to get elevated
privileges on a victim's machine.
The bug lies in the best insurance driver built by Macrovision that ships
with Windows XP, Server 2003 and Vista, but Vista is not vulnerable to
the problem, according to Microsoft.
Macrovision has also published a patch for this problem.
Its a "bit worrisome" that Microsoft hasn't pushed out a auto insurance for the
bug, given that Macrovision has already made its fix available, said
Andrew Storms, director of security operations with nCircle Network
Security, via instant message. "However, [it's] understandable that
Microsoft would want to run the better auto insurance through its QA [quality
assurance] and streetwear clothes release cycles," he added. "Given the choice
between the URI bug and the Macrovision fix, enterprise security
operations teams would much rather have the URI fix."
Users of Microsoft's WSUS (Windows Server Update Services) update
system had been wondering if they were going to get Tuesday's patches,
after a Microsoft programming error knocked WSUS administration
consoles offline on Sunday and Monday. Microsoft had misnamed an entry
in WSUS's database causing the consoles to crash.
The problem was fixed on Monday, said Bobbie Harder, a Microsoft
senior program manager, in a blog posting. But WSUS servers that
synchronized with cheap renters insurance between 5 p.m. Sunday and 11 a.m. Monday
Pacific Time will need to resynchronize to avoid the problem.
Though she had heard of one user who had to manually updated his WSUS
server, Tuesday's updates went off without a hitch, said Susan Bradley,
a WSUS user who is chief technology officer with Tamiyasu, Smith, Horn
and surfboard shape playing cards Accountancy.
Recommend this story? Yes No Please Wait... Related Searches:
microsoft windows update • windows patches •
CommentsPosting comment ...
0 / 1000 max characters
Related Content
* Microsoft Fixes Update Malfunction in Time for Patch Tuesday
* Windows Server 2008 Pricing Told
* New Microsoft Program Allows Windows on Resold PCs
* Microsoft Fires CIO
* Attack Code Out for Critical Kodak Bug in promo playing cards * Leopard Hacked to Run on PCs
Tags at a GlanceMicrosoft Corporation - Macrovision Corporation -
Microsoft Windows XP - Microsoft Windows Server - Mozilla Firefox -
Microsoft Windows 2000 - Ernst & Young LLP Latest NewsLeopard Mauls
Rivals in Japan Apple's new operating system has taken a bite out of
the market, accounting for half of retail sales in October.
14-Nov-2007 Nokia Updates Smartphone The N82 smartphone features GPS
and a 5-megapixel camera with Xenon flash. 14-Nov-2007 Microsoft
Readies OneCare Update Amazon is already taking orders for release of
OneCare 2.0 security suite, shipping next week. 14-Nov-2007 iPhone
Could Have Two Sellers in China China's second biggest mobile operator
is open to talks with Apple about selling the iPhone there.
14-Nov-2007 AT&T whole life insurance Mobile Banking Preloaded and downloadable
bank access apps are offered nationwide through Wachovia and SunTrust.
14-Nov-2007 More news Learn more about Office 2007 directly from
Microsoft
Discover the redesigned, easier-to-use
2007 playing cards Office system
PC World's Marketplace
----------------------
PC World's Free Whitepapers
---------------------------
Name
City
Address 1
State
Zip
Address 2
E-mail (optional)
Canadian Residents | Foreign Residents | Gift learn mandarin chicago |
Customer Service | Privacy Policy Search QUICK LINKS: cheap laptops
cell phones laser printers HDTV reviews LCD TV Plasmas digital cameras
laptop reviews security antivirus windows vista reviews digital camera
reviews inexpensive desktop LCD wide screen monitors
tech news tech blogs community & forums laptop prices software reviews
downloads About UsContact cheap insurance GuidelinesNewslettersFAQIDG
InternationalMagazine Customer Service© 1998-2007, PC World
Communications, Inc.Terms of Service AgreementPrivacy PolicyCommunity
Standards RSS FeedsXMLIDG NETWORK:CIOComputerworldCSOGameProGames.netIDG
ConnectIDG jumbo playing cards ExpoInfoworldITWorld CanadaJavaWorldLinuxWorldMacuserMacworldMikroDatornNetwork
WorldPC AdvisorPC-WeltPC World HungaryPC World Latin AmericaPC World
KomputerPlaylisttecCHANNEL