Serious Security Flaw Found in Microsoft Windows
Microsoft Windows contains a serious security vulnerability that could allow a hacker to take complete control of an infected system.
Microsoft issued a security advisory today (Jan. 4) warning users that a flaw in Windows' Graphics Rendering Engine how Windows handles thumbnail images -- could be compromised by an attacker who could then view, change and delete data, or create new accounts with full user rights.
The attack could be triggered when a victim uses Windows' file manager or Microsoft Office to view specially crafted, rigged thumbnail images.
The security flaw affects Windows XP, Vista and Windows Server 2003 and 2008. Windows 7 and Windows Server 2008 R2 are not affected.
Microsoft said that it has not received any reports of the vulnerability being exploited. A security patch is being developed as Microsoft assesses the severity of the flaw, it will decide to either issue the patch in its monthly security update (scheduled for Jan. 11), or issue an out-of-cycle update.
- Security and Privacy Software Reviews
- The Future of Internet Passwords
- Personal Firewall Software Review 2011