More flaws found in Microsoft Windows

Patch time again

By Nick Farrell

Wed Sep 15 2004, 08:39

MICROSOFT HAS found another major glitch in its software.

The giant has released a patch so that Windows doesn't let in hackers when it handles JPEG graphics formats.

The flaw means that attackers can create an image file that will automatically run dodgy code, dump it on a web-site and let Internet Explorer run it.

Anti-virus companies think the glitch is extremely dangerous even though they have not actually seen any code that can exploit the hole.

The flaw affects Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. If you are running the recently released SP2 you are protected apparently.

Microsoft also released another patch for a flaw in Office, Publisher, Word and Works which deals with the way WordPerfect file converted.

An attack could be carried out using a malicious WordPerfect document. µ

L'INQ
Vole Hole One
Vole Hole Two

Microsoft’s January Patch Tuesday fixes a critical Windows Media flaw Totals eight vulnerabilities Wednesday, 11 January 2012, 16:26 PM Read more	The INQUIRER review of the year A look back at the big news stories of 2011 Friday, 23 December 2011, 08:00 AM Read more
Microsoft and Adobe release security updates Remote code execution flaws patched Wednesday, 14 September 2011, 13:32 PM Read more	Wordpress blogs are at risk Hole found in a popular third-party script Wednesday, 3 August 2011, 15:11 PM Read more
Microsoft fixes Pwn2own Internet Explorer hole Along with 63 other software vulnerablities Wednesday, 13 April 2011, 11:14 AM Read more	BBC music websites get hacked Most anti-virus brands missed the show Wednesday, 16 February 2011, 12:44 PM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

SAS / SQL Junior Data Anal

SAS / SQL Junior Data Analy...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

More flaws found in Microsoft Windows

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review