Skip to main content

Attacks actively exploit code-execution bug in Windows

posted onJune 13, 2012
by l33tdawg

Hackers are actively exploiting a critical vulnerability in Microsoft's Windows operating system that allows them to remotely execute malicious code when victims visit a booby-trapped website.

 

"These attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents," Andrew Lyons, a Google security engineer, wrote in a blog post published Tuesday. "Users running Windows XP up to and including Windows 7 are known to be vulnerable."

 

In their own advisory, Microsoft officials confirmed the active attacks and encouraged customers to apply a temporary fix as soon as possible. The vulnerability exploits an uninitialized variable in XML Core Services, which is installed by default in all supported versions of Windows. Users of Microsoft Office 2003 and 2007 are also susceptible.

Source

Tags

Security Windows Hackers Microsoft

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th