Microsoft identifies GDI vulnerability
Wednesday, September 10, 2008
Microsoft has identified a number of network security issues in its GDI+ software development platform.
According to the firm, a number of privately reported flaws could potentially allow hackers to execute code on compromised machines by developing specifically crafted image files or web sites.
The software giant warned that users operating with more system privileges were likely to be placed at greater risk than those with lower user rights.
Microsoft announced details of the network security threat in its monthly security update, which also identified bugs in Windows Media Encoder 9, Windows Media Player and Microsoft Office.
Elsewhere, Redmond Developer insisted that the GDI+ vulnerability is the one that is likely to catch the interest of network security researchers, as it echoes a similar vulnerability identified in 2005.
"There are four advisories and eight vulnerabilities this month but it comes down to GDI+ ... That is what is going to be on everyone's mind," commented analyst Tyler Reguly.
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
