Windows hit by 'extremely critical' zero-day flaw
Microsoft has issued a warning about a new exploit in all Windows versions except Windows 2003 that is actively being exploited by attackers.
The flaw affects a part of the Microsoft XML Core Services 4.0, referred to as the XMLHTTP 4.0 ActiveX Control.
Attackers could exploit the flaw to take control of a system by luring victims to a specially crafted website or a page on a social service such as MySpace.
Microsoft is currently investigation the flaw. The company will decide whether a security update is released as part of its patch cycle on the second Tuesday of each month or as an out-of-cycle update.
* Microsoft Security Advisory (927892)
Microsoft has issued a warning about a new exploit in all Windows versions except Windows 2003 that is actively being exploited by attackers.
The flaw affects a part of the Microsoft XML Core Services 4.0, referred to as the XMLHTTP 4.0 ActiveX Control.
Attackers could exploit the flaw to take control of a system by luring victims to a specially crafted website or a page on a social service such as MySpace.
Microsoft is currently investigation the flaw. The company will decide whether a security update is released as part of its patch cycle on the second Tuesday of each month or as an out-of-cycle update.
* Microsoft Security Advisory (927892)
Labels: Security
0 Comments:
Post a Comment
<< Home