Network Security News

Microsoft identifies GDI vulnerability

Wednesday, September 10, 2008

Microsoft has identified a number of network security issues in its GDI+ software development platform.

According to the firm, a number of privately reported flaws could potentially allow hackers to execute code on compromised machines by developing specifically crafted image files or web sites.

The software giant warned that users operating with more system privileges were likely to be placed at greater risk than those with lower user rights.

Microsoft announced details of the network security threat in its monthly security update, which also identified bugs in Windows Media Encoder 9, Windows Media Player and Microsoft Office.

Elsewhere, Redmond Developer insisted that the GDI+ vulnerability is the one that is likely to catch the interest of network security researchers, as it echoes a similar vulnerability identified in 2005.

"There are four advisories and eight vulnerabilities this month but it comes down to GDI+ ... That is what is going to be on everyone's mind," commented analyst Tyler Reguly.ADNFCR-1765-ID-18773839-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.

View Related Resources
Or
Watch an Online Demo
Or
Have us call you now