Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
Microsoft Warns Windows Users About Two New Security FlawsMicrosoft Warns Windows Users About Two New Security Flaws
A critical flaw, found in almost every version Windows, could let hackers seize control of a PC when victims read E-mails or visit Web sites.
1 Min Read
Microsoft is warning users of virtually every version of its Windows operating system of a new critical security vulnerability. It's urging users of Windows 98, 98SE, Windows ME, NT, 2000, and XP, as well as Windows NT 4.0 Terminal Server Edition, to patch immediately.
There have been no reports of hackers or a virus exploiting this flaw.
The security flaw resides within the Windows Script Engine, which is used by the operating system and apps to automate certain tasks. The flaw, detailed in Microsoft bulletin MS03-008, exists in the way the engine for the scripting language Jscript processes information, so an attacker could design a Web page or HTML-based E-mail that exploits this buffer overrun vulnerability. A successful attack could let a hacker gain compete control of a user's system and execute software of their choice, Microsoft warns.
Microsoft also revealed a moderate vulnerability within its Microsoft Internet Security and Acceleration Server 2000 in bulletin MS03-009. According to Microsoft, customers running unpatched versions of the security server could be subject to denial-of-service attacks. The company says system administrators should consider patching this vulnerability.
Patches for both vulnerabilities can be found at www.microsoft.com/security.
About the Author
You May Also Like
More Insights
