One of the patches included in Microsoft's March security bulletin, set for release Tuesday, addresses a critical Windows error that allows attackers to execute arbitrary code, usually without any user intervention, according to the software company's advanced notification posting.
The other two security updates slated for Microsoft's monthly Patch Tuesday release are both given the slightly less severe ranking of "important," one of which does not affect XP or Vista. Both vulnerabilities allow a kind of attack known as "spoofing," in which hackers can redirect unsuspecting users to a bogus or dangerous Web site and then launch malware or steal credit cards, login credentials or other personal information submitted by the user.
Meanwhile, Microsoft's March security bulletin won't be fixing a critical Excel vulnerability, which allows attackers to launch malicious code remotely on users' computers via an infected Excel spreadsheet file. Upon opening an infected Excel file, users unknowingly execute a Trojan horse onto their computers, which can be used to stealthily record keystrokes and steal personal and financial data.
Security experts say that a targeted attack has already been observed in the wild, but does not appear to be widespread.
So far, Microsoft has not issued a fix for the vulnerability, although future actions to remediate the flaw could include providing a solution through a service pack, a subsequent monthly security update or an emergency out-of-band patch.
- Juniper Honors 12 Americas Partners
- Facebook And Four More Web Sites We Love To Hate
- Cisco Honors Top Partners During 2010 Partner Summit
- HP Salutes Top Partners At APC 2010 Award Show
- Upclose And Personal With AMD And friends
- Will Oracle's Phillips' Affair Revelation Be A Distraction?
- Apple, Microsoft Unlikely Allies Against Google
- HP-Microsoft Cloud Partnership Needs To Show Us The Goods
- Blog: It's Time For A Cybercrime Public Service Announcement
- Nortel Sell-Off Continues: Ethernet Business To Ciena?
- Want To Deploy Exchange 2007 SP2 In A Server 2008 R2 Domain? Sorry
- Apple Improves iTunes 9 With Syncing, Visual Enhancements
- Oracle Ad Refutes Sun Hardware Fears
- U.S. Copyright Chief Rips Google Book Deal In Testimony
- Apple Slashes iPod Price Tags
- Price Is Right? Asus To Launch Low-Cost E-Reader
- Microsoft Xbox 360 Consoles Fail More Often Than Wii, PS3
- Privacy Group To Congress: Stop Online Advertisers In Their Tracks
- Microsoft, Intel Tout Their Collaboration On Windows 7
- Tech Data Adds Integration Services With New Center