More cracks in Windows

By Derek Sooman on January 11, 2006, 12:52 PM
Microsoft released two more critical patches yesterday. These fix a flaw in the way Microsoft Windows processes embedded web fonts (MS06-002) and a Microsoft Outlook and Microsoft Exchange Transport Neutral Encapsulation Format (TNEF) decoding vulnerability. If properly exploited, these flaws can allow a hacker to execute arbitrary code or cause a denial of service on an unpatched system.

Alan Bentley, UK managing director at security tools firm PatchLink, commented: "It has clearly been a bad year for downloadable file formats in the Windows world and it is only 10 days into the New Year. The new patches show some critical issues in Microsoft WMF, MS-TNEF and Web Font download file formats that can all allow remote code execution.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.