Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Microsoft issued info on 8 new security updates

On Tuesday, April 12, Microsoft issued information on eight new security updates. Symantec Security Response has identified the following five vulnerabilities as the most serious:

1. Microsoft Vulnerabilities in TCP/IP - Microsoft Security Bulletin MS05 019 - This is a remote code execution and denial of service vulnerability that occurs when an affected Microsoft platform receives and processes a malformed TCP/IP packet. This vulnerability impacts users on Windows 2000 and Windows XP prior to Service Pack 2. Symantec Security Response has identified this vulnerability as critical.

2. Microsoft Cumulative Security Update for Internet Explorer - Microsoft Security Bulletin MS05 020 - There are several vulnerabilities in Microsoft Internet Explorer that could allow an attacker to take control of an affected system. Symantec Security Response has identified this vulnerability as critical.

3. Microsoft Exchange Server SMTP Extended Verb Buffer Overflow Vulnerability - Microsoft Security Bulletin MS05 021 - This is a vulnerability that impacts Microsoft Exchange Server 2000/2003 and could allow remote code execution. This vulnerability is triggered by malformed SMTP extended verb commands and largely impacts enterprise users. Symantec Security Response has identified this vulnerability as critical.

4. MSN Messenger Vulnerability - Microsoft Security Bulletin MS05 022 - This is a buffer overflow vulnerability in the processing of malformed GIF images and could allow for malicious code execution. This issue impacts consumers using MSN Messenger 6.2. In order for this vulnerability to be exploited, the attacker must be included on the victim's contact list and the victim must also accept a GIF file transfer from the attacker. Symantec Security Response has identified this vulnerability as critical.

5. Microsoft Word Vulnerabilities - Microsoft Security Bulletin MS05 023 -There are two vulnerabilities in Microsoft Word that could allow an attacker to run arbitrary code on a user's system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs, viewing, changing, or deleting data, or creating new accounts with full privileges. Symantec Security Response has identified this vulnerability as critical.

"It is important that both home users and enterprises take proactive steps to deploy these patches," said Oliver Friedrichs, senior manager, Symantec Security Response. "The vulnerabilities announced by Microsoft today can result in broad exposure to blended threats and worms, as well as denial of service attacks. The combination of a strong patch management strategy and keeping strict best practices is the best way to avoid being impacted by any malicious threat."

Symantec Security Response had raised the ThreatCon from a Level 1 to a Level 2.

Symantec recommends the following actions for enterprises:
• Evaluate the possible impact of these vulnerabilities to their critical systems.
• Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions.

• Take proactive steps to protect the integrity of networks and information.
• System managers should verify that appropriate data backup processes and safeguards are in place and effective as a best practice.

• Exercise caution in opening all unknown or unexpected attachments to e-mail, and in following Web links from unknown or unverified sources.

Symantec recommends the following actions for home users:
• Regularly run Windows Update and install the latest security updates to keep software up to date.
• Be aware that opening unknown or unexpected attachments to e-mail or following Web links from unknown or unverified sources is not advised.

• For more comprehensive security protection, consider using an Internet security solution such as Norton Internet Security to protect against today's known and tomorrow's unknown threats.

Symantec will closely monitor further information related to these vulnerabilities, and will provide updates and security content as necessary. Information on Microsoft's April 2005 Security Bulletin can be found at

© Scoop Media

Business Headlines | Sci-Tech Headlines


Onetai Station: Overseas Investment Office Puts Ceol & Muir On Notice

The Overseas Investment Office (OIO) has issued a formal warning to Ceol & Muir and its owners, Argentinian brothers Rafael and Federico Grozovsky, for failing to provide complete and accurate information when they applied to buy Onetai Station in 2013. More>>


Tomorrow, The UN: Feds President Takes Reins At World Farming Body

Federated Farmers president Dr William Rolleston has been appointed acting president of the World Farmers’ Organisation (WFO) at a meeting in Geneva overnight. More>>


I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>


Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>


Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>


Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news