Tuesday, July 10, 2007

Microsoft releases critical .NET patch!

Microsoft is planning to launch 6 patches that target 3 Critical, 2 Important and 1 Moderate vulnerabilities in Microsoft products. From the July 2007 Security Bulletin Summary, there are currently 3 critical Remote Code Execution vulnerabilities, which Microsoft states as: "considered to be the worst vulnerability, given that it leaves systems vulnerable to hijacking." The affected systems affected are Office, Excel, Windows and surprisingly the .NET framework (the framework has it's own form of security in the form of the Code Access Security (CAS)).

Some of the reported implications of Remote Code Execution are that crafty hackers can remotely access your computer and websites, enabling them to run scripts and initiate Denial of Service (DOS) attacks. Another implication is programs that are programmed using the .NET framework are vulnerable and software companies are skeptical if the patch will adversely affect their software's performance.


No comments: