|
|
To print: Select File and then Print from your browser's menu
-------------------------------------------------------------- This story was printed from ZDNet Australia. --------------------------------------------------------------
|
Microsoft patch Tuesday brings security twosome By Robert Vamosi, CNET News.com January 09, 2008 URL: http://www.zdnet.com.au/news/security/soa/Microsoft-patch-Tuesday-brings-security-twosome/0,130061744,339284944,00.htm
Microsoft on Tuesday released its January 2008 security bulletin, which includes only two updates: One is designated as "critical" by the software giant and the second one is deemed "important". Both concern the Windows operating system and there are no Microsoft Office updates this month. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.
MS08-001: Critical A vulnerability exists in Transmission Control Protocol/Internet Protocol (TCP/IP) processing, and the patch modifies the way that the Windows kernel processes TCP/IP structures that contain multicast and ICMP requests. Microsoft says: "An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
MS08-002: Important The update addresses the vulnerability detailed in CVE-2007-5352. If exploited, a vulnerability within Microsoft Windows Local Security Authority Subsystem Service (LSASS) could allow an attacker to elevate privileges, take complete control of an affected system, then install programs; view, change, or delete data; or create new accounts with full user rights.
Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved. |
