Advertisement
Home
Friday, 25 July 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  5378  68.98%
Win 2003  1841  23.61%
Win 2000  290  3.72%
FreeBSD  166  2.13%
MacOSX  67  0.86%
Other  54  0.69%

Total attacks: 7796 of which 2243 single ip and 5553 mass defacements

Polls
Should Zone-H continue mirroring defacements? (floods will be purged)
 
Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
ZONE-H In Numbers
 News: 14543
 Advisories: 11
 Managers: 1
 Administrators: 1
 Super Administrators: 3
 Operators: 3
 Registered Users: 36273
 Downloadable Files: 3888
 Digital Attacks: 2768634
 Attacks On Hold: 1583
 Online Users: 76
Syndicate
Visitors' Map
Highlight on most recent attacks
ericsson.com/ericsson/careers/newAd.asp?id=1&source=OWN by Agd_Scorp       guarani.mg.gov.br by c40$_br       whqx.gov.cn/index.asp by PEFORCE DIGITAL SECURITY TEAM       lyczj.gov.cn/x.txt by iskorpitx       gzzsyz.gov.cn/hert.txt by ZoRRoKiN       szwec.gov.cn/hert.txt by ZoRRoKiN       geomatica.veracruz-puerto.gob.mx by Mafia Hacking Team       unhcr.ro by Alemin_Krali       phoenix.spelthorne.gov.uk by Mafia Hacking Team       aduana.gov.ec/foros/default.asp by LatinHackTeam       
Latest advisories
Latest on Digital Warfare
Latest on Geopolitics
Microsoft patched critical vulnerabilities PDF Print E-mail
User Rating: / 11
PoorBest 
Written by minor   
Wednesday, 12 December 2007

compromisedFew hours ago Microsoft released bulletins accordingly with patches, among others also for extreme critical vulnerabilities in Internet Explorer and Windows. It should be no wonder, that Microsoft releases updates if... If these vulnerabilities were not old and already exploited in the wild. Let's take a brief summary on these:

Bulletin MS07-069 issued on December 11, 2007
Internet Explorer from version 5.01 to version 7 is affected, successful exploitation requires user's interaction (visiting malicious website), results in remote code execution. Update patches four (4) different vulnerabilities.

 

 

According to ZDI advisory, vulnerability was reported to vendor in May 2007 and July 2007.

Bulletin MS07-065 issued on December 11, 2007
Windows 200SP4 and XPSP2 with enabled Message Queuing Service. To exploit this vulnerability authentication is not required. Successful exploitation allows remote attacker execute arbitrary code (on Windows2000SP4) or escalate the privileges (on XP).


According to ZDI advisory, it was reported in April 2007.

Why patch release came after relatively long time, is unknown. One thing is sure: if we post next time, that data theft rised again, we can also add, that this might be also the reason.

 


Comments Index (Total Messages: 1)
very cool Written by eagle.eyez on 2007-12-13 15:18:44

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
Advertisement
 
Top!
© 2008 Zone-H.org
Joomla! is Free Software released under the GNU/GPL License.
 Top!