General discussion

NEWS - February 9, 2005

Microsoft releases 'critical' patches
By Dawn Kawamoto CNET February 8, 2005, 3:07 PM PT

Microsoft on Tuesday released a higher-than-usual number of monthly updates, more than half of which were given the software company's highest rating of "critical."

The software giant announced a dozen updates, eight of which were given its highest severity rating. Microsoft's Office XP, Internet Explorer 6 and an image file component of the Windows operating system for Media Player and MSN Messenger were among the updates dubbed critical.

"This is their second-largest bulletin release since they started doing these monthly updates, except for the 24 bulletins they released last year," said Vincent Gullotto, vice president of the antivirus emergency response team for security specialist McAfee. "But it's common to see this kind of ratio of critical bulletins."

Among the patches is a significant cumulative fix to resolve some of the underlying vulnerabilities of IE that have already been made public. Microsoft said those flaws have not yet been widely exploited.

more here

Discussion is locked

Reply to: NEWS - February 9, 2005
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - February 9, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -
Third buy's a charm for Microsoft?

By Robert Lemos CNET February 9, 2005, 4:00 AM PT

Microsoft's idea to purchase Sybari Software came from a place where many of its ideas are born--its labs.

Late last year, the software giant wanted to build on an important technology--the RAV antivirus software that it acquired from Romania-based GeCad--to take it beyond a desktop virus scanner to a security product for businesses. Rather than develop the extra software needed, the company looked to partners. Sybari's Antigen scanner for Microsoft Exchange e-mail and SharePoint collaboration servers seemed an obvious fit, because Microsoft's customers were already using it.

But as the development progressed in the labs, it became even more obvious that Sybari's product would make just as good an addition to the whole of Microsoft's security lineup, said Mike Nash, head of the company's security business and technology unit.

"Microsoft has come, as a company, to really believe in using what we sell and selling what we use," Nash said. "One company that we have used a lot is Sybari."

more here

- Collapse -
Trojan targets Microsoft anti-spyware
- Collapse -
Computer Associates Withdraws from COAST
- Collapse -
Spyware Activist Web Site Targeted By DDoS Attack
- Collapse -
Also in
- Collapse -
Exploit Targets MSN Messenger Hole

Users are urged to download and install a software patch from Microsoft.

Paul Roberts, IDG News Service
Wednesday, February 09, 2005
Malicious code that can take advantage of a newly disclosed hole in Microsoft's MSN Messenger instant messenger program has been published on the Internet. The publication of the code could set the stage for a possibly virulent IM worm or virus, according to security experts.

The code attacks a hole in an MSN Messenger component called "libpng," which is used to display PNG (Portable Network Graphics) files that are used to show smiley faces, buddy icons, and other graphics. More than one example of code to exploit the hole was available on the Internet Wednesday, along with directions on how to use it to attack vulnerable Messenger applications. The code can cause Messenger to crash, or allow a remote attacker to run code on vulnerable Windows machines, according to a Vulnerability Alert released by Symantec.


- Collapse -
Web Watchers launched

CNET Forums

Forum Info