Google
Web pcflank.com
PC Flank Logo
Make sure
you're protected
on all sides
 Test Your System
 Ask the experts

 

Tip of the day
Install firewall software on your computer.

Security News

Microsoft reports 'critical' security flaw in Windows

August 30, 2002

Microsoft said Wednesday all versions of its Windows operating system released since 1996 have a security flaw that could allow attackers to delete digital certificates.

Redmond media giant said that a cracker could use an e-mail or a Web site to gain entry into a system and delete the pieces of data that are used to encrypt other data, such as e-mail messages.

The vulnerability is in an ActiveX control called the Certificate Enrollment Control, used to request new digital certificates over the Web and install them on computers.

Such digital certificates are in a number of functions by Windows operating systems, including encrypting e-mail, securing and authenticating Web transactions, or protecting the Windows 2000 and Windows XP Encrypting File Systems (ESS). While the flaw doesn't allow a malicious infiltrator to steal the certificates, it enables the attacker to corrupt the data, rendering it useless to the PC's owner.

The attack could be created with a help of specially crafted Web page aimed to exploit the vulnerability. By hosting the page on a Web site, it could be used to attack computers of users who visit the page. Another possibility would be e-mail sent in an HTML format; the flaw could then be exploited when the message was opened.

Windows runs more than 90 percent of the world's personal computers. The vulnerability also affects versions that run server computers, which distribute data for networks and Web sites.

However security experts believe the flaw isn't severe and is unlikely to be used by many crackers because it doesn't give them control of the computer or access to user data.

The versions of Windows that are vulnerable include Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000 and Windows XP.

Microsoft suggests that all users of those Windows versions patch their system immediately.

 
 
Start Page
Make "PC Flank" your   
Start Page!   
Make

 
Sponsored links


   
 
   
Outpost Firewall PRO 3.0 - complete protection on the Internet!

 
Privacy Policy
    Advertiser Info
Site Map
    Contact Us

 
 
© 2010 PC Flank Ltd. All rights reserved.