“Microsoft has warned that a ‘critical’ flaw in the latest versions of its Windows operating system could allow hackers to access a person’s computer. In its monthly security bulletin, the world’s largest software maker said Windows versions NT, 2000, XP and Server 2003 were affected,” BBC News reports.
“Giving the problem its highest security rating of ‘critical,’ Microsoft has called on users to download a software repairing patch free from its website. This is said to cure the problem. The flaw is also said to be completely unconnected with the latest clutch of computer viruses currently causing problems around the world,” BBC News reports. “It could however allow hackers to quietly break into someone’s computer to steal files, delete data, or eavesdrop on what that user is doing.”
“Marc Maiffret of eEye Digital Security, the US company that discovered the Windows flaw, said it was a major issue. ‘This is one of the most serious Microsoft vulnerabilities ever released,’ said Mr Maiffret. ‘The breadth of systems affected is probably the largest ever.’ He added: ‘This is something that will let you get into internet servers, internal networks, pretty much any system,'” BBC News reports. Full article here.
CNET reports, “‘There are more attack vectors and more people that could be affected by this,’ said Marc Maiffret, chief hacking officer for eEye Digital Security, the software firm that warned Microsoft of the vulnerability more than six months ago. This is the second time this month that Microsoft has warned users of a security flaw. The company has a new policy of announcing vulnerabilities and releasing patches on the second Tuesday of each month, unless a critical flaw needs to be released immediately.”
“Last week, the software maker revealed a security flaw in Internet Explorer and issued a patch. On Tuesday, Microsoft announced three more vulnerabilities: the critical flaw and two other issues of lesser severity. One security hole affects computers running the Windows Internet Naming Service, and the other affects Microsoft’s Virtual PC for the Mac platform,” CNET reports. “eEye’s Maiffret was critical of Microsoft for taking so long to issue the patch. ‘Two hundred days to fix this,’ Maiffret said. ‘It is obviously ridiculous.'”
MacDailyNews Take: For information on how to switch cleanly to Mac OS X, click here.
Related MacDailyNews article:
Mac owners boast of virus, worm immunity vs. Windows’ swiss cheese security – February 05, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004