Happy Valentines From Microsoft

You don`t have to be in love to celebrate Valentines Day. In fact, it seems that this year, couples are not the only one who enjoyed their day of love. Even computer lovers got a great gift this year with Microsoft`s Valentines Day treat of 7 patches for its Windows applications. What do you get Windows users for Valentine`s Day? If you are Microsoft, you come bearing more than a half-dozen security patches. As part of its traditional "patch Tuesday," the software giant has released seven fixes for its media player and other Windows applications.

Windows Media Player is the subject of one critical bulletin, while four bulletins, one critical, focus on flaws in the Windows operating system. Two Microsoft Office security issues are labeled "important." Critical, the highest level of severity for the bulletins, means vulnerabilities can be exploited remotely. A rating of "important" refers to flaws creating denial-of-service or impacting security. Two Windows Media Player patches were released. The first patch rated a "critical" fix, warns of the possibility a malformed bitmap (.bmp) file could permit remote code execution, resulting in complete system takeover.

While critical, the exploit requires "significant user interaction" to work, according to Microsoft. eEye Digital Security, which alerted Microsoft to the problem in October, called for quick action. Another Windows Media Player patch is an alert to users of the Windows Media Player plugin with non-Microsoft Web browsers, such as Mozilla Firefox, Netscape or Opera. The vulnerability would allow attackers to take control of a Windows XP or Windows Server 2003 system. The Windows Media Player flaw is just the latest sign attacks are targeting consumer applications rather than the Windows operating system.

                                 

Related News: