Flaw in Microsoft VM Could Enable System Compromise

By Thomas McGuire on
Issue:
A new version of the Microsoft VM is available, which includes all previously released fixes for the VM, as well as fixes for 8 newly reported security issues. The attack vectors for all of the new issues would likely be the same. An attacker would create a web page that, when opened, exploits the desired vulnerability, and either host it on a web page or send it to a user as an HTML mail.

Affected Software:
Versions of the Microsoft virtual machine (Microsoft VM) are identified by build numbers, which can be determined using the JVIEW tool as discussed in the FAQ. All builds of the Microsoft VM up to & including build 5.0.3805 are affected by these vulnerabilities.

Patch availability:
The patch is available to update existing Microsoft VMs via the Windows Update web site.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.