MX Logic Email Filtering, Web Filtering and Email Archiving Managed Security Services
Anti Spam, Email Filtering and Other Resources MX Logic Support Contact MX Logic about Email Filtering, Web Filtering or Email Archiving Solutions Login to the MX Logic Control Console
Search
MX Logic Advantage Email Filter, Web Filter and Email Archiving Services Email Filter, Web Filter and Email Archiving Services MSPs, VARs and Partners MX Logic News & Events About MX Logic

MX Logic » Security News » Network Security » Microsoft patches four critical flaws

Microsoft patches four critical flaws

Wednesday, November 12, 2008

In its monthly security bulletin, Microsoft has identified four vulnerabilities which could lead to a data security breach.

Issuing two patches to address the problems - one rated critical and one important - the company announced that XML Core Services and Internet Explorer were vulnerable.

So too, hackers could exploit the flaw labelled important at the Server Message Block (SMB) protocol level, potentially leading to a network security breach and arbitrary remote code execution.

Commenting on the critical fault, the company claimed: "The most severe vulnerability could allow remote code execution if a user viewed a specially crafted web page using Internet Explorer."

Meanwhile, the fault could also allow for an elevation of privileges and the creation of new accounts.

Network World has reported that vulnerabilities are well known in security circles.

The critical bug was publicly exposed nearly two years ago by Polish network security researcher Michal Zalewski.

Analysts talking to Network World said that it is a wonder that hackers have not been exploiting the flaw in the wild.ADNFCR-1765-ID-18872281-ADNFCR

Related News:

Gaza strip conflict spurs cyberattack - 1.2.2009
Last weekend, more than 300 Israeli websites have been defaced in massive cyberattacks in a form of retaliation for the brutal conflict emerging between the Jewish state and Hamas targets in the Gaza Strip.

DOS attack for smartphones possible - 1.2.2009
A German security researcher has shown how a malicious text message may be used as a denial-of-service (DOS) attack for some Nokia smartphones that is now prompting some security providers to release updated software.

Big network security threat in 09: angry employee - 12.30.2008
While network security has evolved to block botnets and various phishing attacks, there is still no cure for the "malicious insider" with the knowledge and the will to take down a company from the comfort of their cubicle.

Childs stands trial for hijacking San Francisco network - 12.29.2008
A San Francisco superior court ruled yesterday that there is enough evidence for Terry Childs, a former network administrator, to stand trial for allegedly hijacking the city's online system he helped design.

Some attacks in 09 may target hardware - 12.26.2008
While so much network security revolves around securing software, programs and applications, one inventive hack from the past year may lead to more innovation in phishing attacks in 2009.
IT Security Blog Subscribe to the IT Security Blog
Lance Winslow Post Follow Up
1.5.09

Twitter Security
1.4.09

Who is Lance Winslow and What is He Talking About?
1.3.09

More...
View Related Resources
About MX Logic:
MX Logic is a leading provider of managed email security and Web security services that deliver enterprise-grade performance without enterprise-level complexity and costOur easy-to-use, award-winning services reduce risk and liability, lower overall IT costs, and increase productivity. MX Logic services are available through our industry-leading partner network
General Information:
Why MX Logic? PDF
Unconditional Guarantee
About MX Logic PDF
White Papers
Data & Fact Sheets
Or
Watch an Online Demo
Or
Have us call you now

Privacy Policy
© MX Logic, Inc.
All Rights Reserved.

MX Logic
9781 S. Meridian Blvd. Suite 400 Englewood, CO 80112
Toll-Free: +1.877.MXLOGIC

  MX Logic provides Email Filtering, Web Filtering and Email Archiving managed services for use in network security.