-----BEGIN PGP SIGNED MESSAGE-----
____/ nessuno on Wednesday 10 Feb 2010 17:18 : \____
> Microsoft has released 13 bulletins, covering 26 vulnerabilities, as
> part of a bumper Patch Tuesday.
> All supported versions of Windows will need patching, though Vista and
> Win 7 (three critical updates) are less exposed than XP and Windows
> 2000 shops (five critical fixes).
> Three of the bulletins are particularly severe and require immediate
> attention. One of these critical updates (MS10-006) addresses two
> vulnerabilities in the SMB networking service protocol that might
> easily lend itself to drive-by attacks on unpatched systems.
> A separate vulnerability (MS10-007) in Windows Shell handler poses a
> similar code injection risk, but this problem is restricted to older
> versions of Windows (XP, Win 2K, Win 2003 Servers).
> Lastly there's a fix (MS10-013) for Microsoft DirectShow which, left
> unpatched, creates a handy mechanism for hackers to take over
> machines, providing they succeed in tricking marks into opening
> maliciously constructed AVI video files.
The real numbers are worse. Microsoft has been caught patching many things secretly
(which is easy when the code is proprietary).
~~ Best of wishes
Microsoft: a device for converting public ignorance into cash
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
19:05:01 up 85 days, 16:36, 2 users, load average: 0.31, 0.62, 0.79
http://iuron.com - Open Source knowledge engine project
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
-----END PGP SIGNATURE-----