Printer Friendly
The Free Library
14,702,759 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Be wary of Microsoft Office attachments.


IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries)  have announced its Internet Security Systems (ISS ISS

See Institutional Shareholder Services (ISS). ) X-Force research and development team has provided customers with protection for several serious flaws announced by Microsoft.

The most significant Microsoft disclosure this month is a vulnerability in Microsoft Exchange Server Microsoft Exchange Server is a messaging and collaborative software product developed by Microsoft. It is part of the Microsoft Servers line of server products and is widely used by enterprises using Microsoft infrastructure solutions.  that can result in remote code execution. By enticing a user to view a specially crafted email, an attacker could trigger an exploit that grants complete control over the Exchange server. "Considering the level of privilege an attacker can gain through this vulnerability, I would not be surprised to see public exploitation very soon," said Tom Cross, X-Force Researcher at IBM ISS. Microsoft also provided a patch for a vulnerability in the Microsoft Windows Domain Name System (DNS (Domain Name System) A system for converting host names and domain names into IP addresses on the Internet or on local networks that use the TCP/IP protocol. For example, when a Web site address is given to the DNS either by typing a URL in a browser or behind the ) Server that can trigger a stack-based buffer overflow in the Remote Procedure Call (RPC (Remote Procedure Call) A programming interface that allows one program to use the services of another program in a remote machine. The calling program sends a message and data to the remote program, which is executed, and results are passed back to the calling ) interface, granting the attacker system privileges. While this threat is typically mitigated by external firewalls, exploits have been in the wild since April, and it has been used in some cases to propagate the Rinbot Worm. IBM ISS provided protection for this flaw in April. Details can be found at:www.net/threats/260.html.
COPYRIGHT 2007 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2007, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security News and Products
Publication:Database and Network Journal
Date:Jun 1, 2007
Words:186
Previous Article:Coverity prevent SQS deployed by Aerosystems International.(Security News and Products)
Next Article:Hybrid SSL/keylogger malware surfaces.(Security News and Products)
Topics:



Related Articles
Bone death from bisphosphonates covered in new litigation packet.(The Exchange)
Materiality from a different point of view.(financial reporting)
Banking gets greener: not that long ago, banks were minor actors on the climate-change stage. Now, they are stepping up with major commitments and...
For this CFO, energy is King: deeply involved in the oil and gas market, this year's recipient of FEI Canada's CFO of the Year Award, Marvin Romanow,...
iDashboards.(BUSINESS INTELLIGENCE)
Just in: CFRI speakers.(fei news)
Conference schedule.(fei news)(Calendar)
Open Text's Hummingbird Connectivity suite certified for Windows Vista.(IT News and Products)
Kaspersky Anti-Virus for Microsoft ISA Server.(Security News and Products)
IBM Internet Security Systems accelerates network performance.(Security News and Products)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles