Monday, February 05, 2007

Microsoft office remote code execution flaw exposed.

This just in from Microsoft - there is an issue with a remote user being able to take advantage of one of the markup language translators (tech term) and gain control of you computer. A malicious user would be able to access your computer, take over users permissions, make changes and run programs. The threat level for this issue is critical and Microsoft warns to update the corrected software as soon as possible.

Here is Microsoft's threat assessment and description:

Summary

Who Should Read this Document: Customers who use Microsoft Windows

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately


Two suggestions / recommendations:

1. Make sure your automatic updates are turned on and scheduled to run while your computer is turned on. Locate the automatic updater by clicking on the start menu, control panel and Security Center. You can view the settings there for automatic updates and other security considerations for your computer.
2. Download and install the update from Microsoft manually. Surf to the Microsoft Security Bulletin Center, locate the download and when it's done downloading, double click on the downloaded file to install. Follow the on screen directions. Generally for Windows XP with Service pack 2 the download link is:

Microsoft Windows XP Service Pack 2 — Download the update

Once again, safe surfing,

Darrell Mishler
Posted by at

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)