Heads up to all Microsoft Windows users: If you’re running Windows 2000, Windows XP or Windows Server 2003, stop what you’re doing and immediately download and apply the MS09-065 update released earlier this week.
Security researchers say it’s only a matter of time — days not weeks — before malicious hackers start exploiting one of the vulnerabilities via booby-trapped Web pages or Office (Word or PowerPoint) documents.
The specific vulnerability — in the font parsing subsystem of the win32.sys driver — provides an entry point for hackers to take complete control of an unpatched machine without any user action beyond normal browsing or opening a rigged document file.
A proof-of-concept exploit has already been fitted into the Metasploit point-and-click tool. According to Metasploit’s HD Moore, the code triggers a BSoD (blue screen of death) from a Web page. With some modifications, Moore expects to get reliable code execution very soon.
Microsoft’s MS09-065 bulletin says an exploit was already publicly available before the update was ready on Patch Tuesday (perhaps this one released since August?), meaning that malware authors have gotten a long head start researching entry points for attacks.
1. You are responsible for patching and defending your computer.
2. Beware who you trust. Even I am just some guy you met on the internet.
3. If you have technical questions feel free to send me an email at krippledwarrior[at]gmail.com
3 comments:
Hey there,
Thanks for stopping by and taking the time to make such thoughtful comments, you do brighten my day and now you are helping to protect me!! You are a true warrior!!
Have some fun this evening!! xOxO
Just like I said, protection is what you get from a military, Christian biker type. :) Thanks for keeping us covered my friend.
Hey there's a motorcycle in your header! I think someone has been messing with your computer. :o
<°)}}}><
But I have Vista so I could not use them right?
Post a Comment