Microsoft Warns of Important Windows Flaw

May 12, 2004

Microsoft Warns of Important Windows Flaw
May 12, 2004 – According to CNN, Microsoft warned on Tuesday that a flaw in Microsoft Windows operating system could potentially allow hackers to take control of a PC by luring users to a malicious Web site and coaxing them into clicking on a link.

The warning came as part of Microsoft’s monthly security bulletin, along with a patch to fix the problem.

The security warning was rated "important," the second most serious on Microsoft’s four-tiered rating scale for computer security threats. The highest is "critical."

The security flaw affects the latest versions of Windows, including Windows XP, and software for networked computers such as Windows Server 2003, Microsoft said.

Vincent Gullotto, vice president of the anti-virus emergency response team at Network Associates Inc., said he did not believe the vulnerability was a high risk but said computer users should retrieve security patches from Microsoft’s Web site.

Stephen Toulouse, a manager at Microsoft’s Security Response Center, said that while the vulnerability would not allow for the automatic spread of a virus in the way the recent Sasser worm spread across global networks, it could still have serious consequences.

"The net result of an attack would be for an attacker to be able to do anything you already do on your computer," he said.

To exploit the vulnerability, an attacker would have to host a Web site that contains a Web page used to exploit the vulnerability and then persuade the user to visit the Web site and perform several actions before the attacker could take over a computer, Toulouse said.

Last year, Microsoft adopted a new monthly patch release program, which it said would let customers apply software fixes for security bugs more easily.

For the full article, visit http://preseason.ntaonline.com/www.cnn.com