Microsoft Patch Tuesday Brings Eight Critical Vulnerabilities
by Mirko Zorz - HNS Chief Editor - Wednesday, 14 June 2006.
Microsoft alerted us this time about 12 vulnerabilities of which eight were rated critical, three important and one moderate.

Here comes another cumulative security update for Internet Explorer that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

A remote code execution vulnerability exists in Microsoft JScript that could allow an attacker to take complete control of an affected system. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Users are recommended to update as soon as possible.

If you want more information about these Security Bulletins do check out the TechNet Webcast that will present a brief overview of the technical details of the June security bulletins followed by an extensive Q&A session that will give you the opportunity to ask questions and get answers from Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation.

Spotlight

Lessons learned developing Lynis, an open source security auditing tool

Posted on 15 October 2014.  |  Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //