:::World Biggest and Free Online Media, Watch Online T.V, Watch Online Films, Movies: Microsoft hack scare

Monday 7 February 2011

Microsoft hack scare

Some versions of Microsoft Windows' operating system are vulnerable to attack from hackers; a flaw in the software can let hackers take full control of your personal computer

Once again, Microsoft Windows is under fire with several versions of its operating system being vulnerable to hackers.

Earlier this week, Microsoft had warned its users about the bug in a special alert saying that Microsoft is still looking for the workaround to the problem that it says may leave a personal computer open to attacks from hackers, including taking control of a PC system remotely.

The software giant said that it is not aware of any such attacks yet, where a hacker has tried to exploit the system’s vulnerability. According to Microsoft, the problem involves the way Windows renders graphics on versions of Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008.

However, the company claimed that its' recently launched operating system for personal computers, Windows 7 and the latest operating system for servers, Windows Server 2008 R2, are completely free from the said flaws.

In December 2010, Microsoft started investigating possible Internet Explorer and FTP security flaws in the company developed operating systems. It is believed that one of the flaws provides a possible opportunity for remote code execution attacks via Internet Explorer. The other flaw could enable denial of service attacks by exploiting vulnerability in Internet Information Services FTP 7.5.

As an initial preventive measure Microsoft suggested to its users to deploy Microsoft’s Enhanced Mitigation Experience Tool kit [EMET], as a workaround; both run as a part of Windows 7 and Windows Server 2008 R2.

The flaw is said to work by bypassing protections normally enabled by Microsoft’s address space layout randomization [ASLR] and data execution prevention [DEP] technologies.

It is anticipated that the company may provide additional guidance to help customers protect themselves from any such attacks or issue a fix through its monthly security update process.