On Tuesday, Microsoft patched two bugs, both pegged as "critical," in Windows' GDI, or graphics device interface, one of the core components of the operating system. According to Microsoft, every current version of Windows, including the very newest, Vista Service Pack 1 (SP1) and Server 2008, is open to attack.
The vulnerabilities can be triggered by malformed WMF (Windows Metafile) or EMF (Enhanced Metafile) image files.
According to ComputerWorld An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Users who simply view an image online or in e-mail could be compromised.
This update also includes a kill bit for the Yahoo! Music Jukebox product. Microsoft has only rarely issued fixes for flaws in other vendors' programs. April's security updates can be downloaded and installed via the Microsoft Update and Windows Update services.
Make sure you get the latest updates !
OS9USER
Labels: breaking news os9user windows open attack hack exploit critical gdi xp vista wmf emf vulnerabilities hack email yahoo music jukebox patch security update
|
