also @ TechSpot: Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?

Microsoft to patch zero-day exploit among five others

By Justin Mann

On November 9, 2006, 3:44 PM

The flaw we heard about a few days ago regarding XML Core Services will be patched by Microsoft during the monthly patching cycle. Even though the scope of the flaw is fairly low, it is serious enough to earn a “critical” rating, along with 5 other fixes that are planned for this release. The flaw was discovered just a few days ago, and doesn't affect home users of Windows, targeting only Windows Server 2003 in specific configurations. Secunia reported on the vulnerability, saying that it is being actively exploited by hackers. Even though it is of that serious a nature, Microsoft still is committed only to releasing patches on their set date.

No tags on this story

2 comments

User Comments: 2

Got something to say? Post a comment
  1. November 9, 2006 8:09 PM
    9Nails said:
    Each patch seems to release a new batch of infections. I wish there was some way to prevent this patch Tuesdays and attack of the script kiddies Wednesdays.
    Reply
  2. November 10, 2006 1:49 PM
    ThomasNews said:
    "The flaw was discovered just a few days ago". Errm, not exactly.[url]http://secunia.com/blog/2/[/url];"On Monday 30th October, Secunia published an advisory describing a vulnerability in IE7, which appears to be a legacy from IE6 - and which back in 2004 turned out to affect virtually every single browser on the market... In 2004 the organisations behind Firefox, Netscape, Opera, Konqueror, OmniWeb, and Safari all confirmed the "Windows Injection" issue to be avulnerability and subsequently issued fixes for this issue... Microsoft writes in their blog that they didn't consider this to be a vulnerability back in 2004 because it potentially could break functionality on websites!... We believe that Microsoft ought to take responsibility for the bugs, weaknesses, and vulnerabilities in their browser to ensure that it really protects against phishing and similar scam attacks - isn't this what Microsoft advertises that IE7 does better than it's predecessors?"[url]http://blogs.technet.com/msrc/archive/200
    /10/31/information-on-address-bar-issue.aspx[/url];"The newly reported issue is actually a repeat of an issue reported in 2004."[Edited by ThomasNews on 2006-11-10 13:52:58]
    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Cameras

Downloads and Drivers

Downloads   Drivers  

Microsoft Security Essentials Definition Update May 23, 2013

avast! Virus Definitions May 23, 2013

Trend Micro Pattern File for Windows 9.935.00

AVIRA Antivirus Desktop Update Package 05/23/13

Kaspersky Anti-Virus Update May 23, 2013

More Downloads

Latest Discussion

Does anyone have experience with iolo System Mechanic? Words of advice? 12 replies on Software Apps

Need help with upgrading 11 replies on Processors and Motherboards

Monitor - No display when i put my HD6670 into motherboard 5 replies on Audio and Video

How did my Windows key become disabled? 15 replies on Other Hardware

Screen saver stop working after installing Norton 12 replies on Software Apps

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.