microsoft to fix two windows holes on patch tuesday

microsoft to fix two windows holes on patch tuesday search     homenewsreviewsopinionsstoragesecuritychannelblogsvideospodcastsbuyers guidecareersknowledge center security news|security reviews|channel insider|security blogs|videos|podcast|buyer's guide|security special reports|all topics / industries|all sites|slideshows|it link home > topics > security > news >  microsoft to fix two windows holes on patch tuesday by lisa vaas november 9, 2007 possible candidates for patching are a macrovision driver flaw and a flaw that's been letting in rigged pdfs. patch tuesday will bring two security bulletins from microsoft, one of which is critical and involves a remotely exploitable hole on windows systems, the other of which is rated important and also affects windows. advertisement eeye's zero-day tracker, as of nov. 9, is listing three active zero-day windows and internet explorer vulnerabilities, all of which have been publicly disclosed and/or used in attacks, none of which have been patched. the critical patch promised for the nov. 13 patch tuesday could well be a flaw in a macrovision driver on windows xp and windows 2003. that vulnerability was actively being exploited in the wild as of nov. 5, when microsoft sent a special security advisory to warn customers of the danger of complete system takeover. microsoft said at the time that vista is immune to the vulnerability, which is a memory corruption error in the macrovision security driver when processing user-supplied data. the vulnerability can be used by local attackers to gain so-called ring 0 privileges—a hierarchical level with the most privileges and which interacts most directly with physical hardware, including the cpu and memory. similarly, the critical patch expected on patch tuesday affects windows xp and windows 2003, not vista, meaning there's a good chance that is the bug that's next up for a fix. microsoft might also be planning to release a security update to fix the windows hole that's been letting attackers run wild with rigged pdf files. the company put out a special security advisory on oct. 25 regarding that exploit, which has involved a wave of malware spamming in late october that reached what security researchers called "massive" proportions. the important windows update concerns spoofing, microsoft said in its monthly security bulletin advance notice. both the updates will require a restart except under certain conditions with the one marked "important." in the case of both updates, microsoft baseline security analyzer can detect whether a system requires the update. check out eweek.com's security center for the latest security news, reviews and analysis. and for insights on security coverage around the web, take a look at eweek's security watch blog.       add security news, product reviews, trends and analysis - eweek.com security center rss feed to your feed reader so that you don't miss another headline! more readers bloglines rojo newsgator pluck untitled-1 fill-in form below to apply. first name: last name: title: company: addr.: city: state: al akaz arca coct dedc flga guhi idil inia ksky lame mdma mimn msmo mtne nvnh njnm nync ndoh okor papr risc sdtn txut vtvi vawa wvwi wy-- aeap --ab bcmb nbnf nsnt onpe qcsk yt zip code: e-mail: renew today try digital eweek! subscription help free ziff davis enterprise eseminars at eseminarslive.com nov 8, 12 p.m. et case study: it consultancy achieves fast, reliable backup with data de-duplication. sponsored by exagrid & symantec nov 8, 2 p.m. et learn how one company gained one hour a day per mobile worker with michael krieger. sponsored by nokia nov 8, 4 p.m. et increase application availability through a new approach to it controls with charlene o'hanlon. sponsored by signacert nov 9, 2 p.m. et today's internet security landscape: a closer look at evolving threats with charlene o'hanlon. sponsored by messagelabs join us on nov. 28 for inside the secure mobile enterprise. this live, interactive day-long event with industry experts, leading authorities and your peers will share the information needed to build a solid secure mobility strategy that will enable and support the future success of your company. live and on-demand attendees, with complimentary registration, can learn why security should be the most important consideration in planning your company's mobility strategy. register today! featured content it link discussion - migration a windows vista® migration introduces new and unique challenges to any it organization. it's important to understand early on whether your systems, hardware, applications and end users are ready for the transition.join the discussion today! what is your security threat risk? the verisign security check-up take the verisign security check-up and find out. sponsored by ziff davis enterprise group new from ziff davis enterprise don't miss a single breaking story while you're on the go! now you can get the latest technology news & reviews from the trusted editors of eweek.com on your handheld device mobile.eweek.com sponsored by learn more about vmware & lefthand networks enter to win fluke networks' netflow tracker. you have a choice!ericom's alternative to citrix. download the windows server® 2008 release candidate today. be smart. palm®treo™ 750 smart device now just $199. learn how to be a retail visionary with motorola. christopher guest and intel rock it to the core. snagit: capture, edit and share your pc screen!. it pros: talk networks, get a $25 coffee card. lead it as an intel premier it professional . rocketstream file transfer: fast, reliable, secure. get free trials and demos of microsoft dynamics. seagate helps you satisfy customers and earn more. defy the laws of reporting with crystal reports® 2008. global development & testing from lionbridge-whitepaper. one tool queries multiple data sources – learn more! motorola rf management suite. see more. stress less cdw•g. we're there with whatever you need, when you need it. astonishing color prints. black and white prices defy all challenges. microsoft® visual studio 2005 related links singer's myspace page hacked, cleaned, rehacked rbn gang moves, sets up shop in china hackers scam thousands with bogus anti-spyware offers mac's first trojan begins to breed salesforce.com employee hands customer list to phisher share this  digg this  post to del.icio.us  post to slashdot proactive maintenance and adaptive power management using dell openmanage systems from dell advances in data warehouse performance from ibm diskeeper and email servers from diskeeper see all white papers > virtual tradeshow storage: translating information into profit join sr. editor charlene o'hanlon and industry experts on oct. 31 as they focus on helping companies achieve goals in meeting current storage needs while planning for the future. live and on-demand attendees will hear in-depth analysis of the trends driving the storage market, and tips and techniques for achieving storage needs efficiently and cost-effectively. complimentary registration! register now! ziff davis white paper library make informed purchasing decisions across the entire enterprise market with this vast resource of white papers containing information on products and solutions for technology buyers in an easy-to-use, searchable format. ziff davis web buyer's guide white paper library > security rss feed want an easy way to keep up collaboration and messaging news, reviews and opinions? get eweek headlines delivered to your desktop with rss. security coverage security analysis security news security opinions security reviews special reports browser security cyber crime exploiting google government identity management internet security managing digital rights microsoft patch management network security piracy & counterfeiting privacy rsa conference sobig virus spam spyware windows security virtual tradeshow worm attacks find security products anti-virus firewalls intrusion detection spam filtering spyware vpn wireless security compare products all products> eweek career center search 90,000+ high-quality tech jobs at dice.com. powered by dice free newsletters get eweek's free online newsletters. fill-in the form below: 1. make your selections: securing the enterpriseeweek news & viewsthe channel insider update 2. select email format: html text only 3. enter email address: view all newsletters > eweek editorial calendar for a list of what eweek is covering this year, go to our editorial calendar. issue index | contact us | about | advertise | magazine customer service | site map ziff davis enterprise home | contact us | advertise | link to us | reprints | magazine subscriptions | newsletters rss feeds | white papers | roi calculators | tech jobs | tech podcasts | tech video | baseline | careers | channel insider | cio insight | desktoplinux | deviceforge | devsource | eseminars | eweek | linuxdevices | linux watch | microsoft watch | mid-market | networking | pdf zone | publish | eweek security | strategic partner | web buyer's guide | windows for devices developer shed | dev shed | asp free | dev articles | dev hardware | seo chat | tutorialized | scripts | code walkers | web hosters | dev mechanic | dev archives | it marketplace | igrep use of this site is governed by our terms of use and privacy policy copyright ©1996-2007 ziff davis enterprise inc. all rights reserved. eweek and spencer f. katt are trademarks of ziff davis enterprise, inc. reproduction in whole or in part in any form or medium without express written permission of ziff davis enterprise inc. is prohibited.

Acceuil

suivante

microsoft to fix two windows holes on patch tuesday  AppleInsider Apple releases iMac freezing fix, MacBook Pro ...  AppleInsider iMac Software 1.2.1; Time Machine fix; MacBook ...  Fantasy Fix: Starters - MSN Video  Qwik-Fix (de PivX Labs)  CSS PNG Image Fix for IE » Blog » Komodo Media  What Mozilla users should know about the shell: protocol security ...  GUNDAM FIX FIGURATION  Outlook Recovery Tool to Fix PST File - PST Repair Software  NVidia Refresh Rate Fix Win2K/XP - PC INpact  AmyFix.com  Fix - Wikipedia  Heroes: The Fix - TV.com  Conservatives to fix glitch that could block rural voters  WMP Scripting Fix  Ezee-Fix  Don’t Throw Out Your Broken iPod; Fix It via the Web - New York Times  Jim Fix  Fix Your Own Printer  Download details: SafeDisc Windows XP Fix for Microsoft Games  It's not always malware: How to fix the top 10 Internet Explorer ...  The Fix - Salon.com  Fix 4 RSO  fixoyun fix oyun fiks oyunlar fıxoyun fıx oyun fiks oyun fix ...  Editor's Daily Blog: A Temporary Fix  Screenplay Coverage from ***** script-fix *****  FIX-TIPS Free Football picks & Best Soccer betting tips, soccer ...  Amazon.com: War Fix: Books: Steve Olexa,David Axe  Coldplay – Fix You – Music at Last.fm  WinXpFix.com Home page (wixpfix.com) Windows xp news, Tips, Free ...  M i c h a e l F i x  Les plus beaux restaurants du monde : Le Fix  NASA plans spacewalk to fix ripped solar wing - CNN.com  BBC - Languages French Quick Fix - Basics  DailyTech - Apple Releases Fix for iMac Freeze Issue, Updates MacBooks  PC World - Apple Posts QuickTime Security Fix  PC World - Two Charged with Hacking PeopleSoft to Fix Grades  Troubleshooting 101 : How to fix the family computer and save your ...  Apple posts fix for freezing iMacs - Engadget  Digg - Don’t Throw Out Your Broken iPod; Fix It via the Web  Kitco Inc. - Past Historical London Fix  Fix-A-Flat - Car Care Products- A easy way to fix a flat tire  IPv6 Fix: Home  Intel Researcher Homepage  Fix the pumps  réseau pc fix(usb) portable wifi - je ne trouve pas les config ...  Télécharger Works Fix  FixMyXP.com - Your One Stop Windows XP Fix It Site  ColdFusion 8.0 Cumulative Hot Fix 1  ColdFusion MX 7 Cumulative Hot Fix 3  Definition of fix - Merriam-Webster Online Dictionary  6 Ways to Fix a Confused Information Architecture (Jakob Nielsen's ...  Growing a Business Website: Fix the Basics First (Jakob Nielsen's ...  BBC NEWS Science/Nature Lovelock urges ocean climate fix  BBC SPORT Tennis Llodra reveals match-fix approach  Aimfix - Jayloden.com  Télécharger Object Fix Zip - Zebulon.fr : téléchargement du ...  Definition: fix from Online Medical Dictionary  B2BITS — High Performance FIX Solutions  Fast Fix Jewelry and Watch Repairs  Excel Recovery Tool - Fix & Repair Excel File - Corrupt XLS Repair ...