Microsoft has warned its customers that three critical updates to Windows operating systems will be delivered tomorrow, with one an active fix to a flaw that is currently being exploited through Asian websites.
A vulnerability has been made known that affects the “MPEG2TuneRequest ActiveX Control Object”, with the company warning that “A browse-and-get-owned attack vector exists” for the flaw.
What this means is that if a user opens a website containing a piece of code that can exploit the flaw, hackers could take control of that user’s computer.
Another flaw takes advantage of a vulnerability in ‘DirectShow’ that allows a file in the movie-player QuickTime to trigger a remote code execution, potentially harming a user’s computer.
Microsoft has not revealed the nature of the third patch to be released, so it is likely that this vulnerability is not being exploited. The updates will apply to all supported versions of Windows.
ABOUT THE AUTHOR
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.