Welcome to WebmasterWorld Guest from 22.214.171.124
Forum Moderators: bill
Microsoft warns of serious computer security hole [m.apnews.com]
Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.
The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.
It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.
Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.
Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" - or software fix - for the problem.
Microsoft offers a temporary workaround here: Vulnerability in Microsoft Video ActiveX control could allow remote code execution [support.microsoft.com]
is it likely to be served from any server, or mainly from infected Windows Servers?
If you load up firefox and disable IE as mentioned above you'll start seeing error messages when things start complaining of not being able to connect, like adobe flash. You'll see just how reliant on IE your computer really is, even if you don't use it.
In a client server environment, you can lock down the users with GPOs of course.