Microsoft has reportedly repaired 25 vulnerabilities in their Windows, Office, and Exchange software, and issued software updates which should handle the potential threats. Nine of the 25 software weaknesses were reportedly marked as “critical” issues to be resolved, which is the highest ranking that Microsoft issues regarding potential malware threats. Eight of the vulnerabilities were labeled as “important,” which is one level of severity down in their ranking system.
The company issued a total of 11 software updates, each of which addressed a few of the vulnerabilities. Microsoft marked five of the software update packages as “critical,” five were marked “important,” and the final update was considered “moderate.” Various software research groups, however, consistently placed two of the 11 software updates at the top of their priority lists, encouraging users to implement MS10-026 and MS10-027 immediately. MS10-026 should handle major bugs in DirectShow software in Windows 2000, XP, Vista and Server 2008. MS10-027 addresses vulnerabilities in Windows Media Player, Windows’ default audio and video software, on Windows 2000 and XP. As these systems are the two primary media streaming devices utilized by Windows software, and the internet is a giant media hub, researchers gave these two updates high priority in particular. The malware is a classic movie/media attack, in which the viewers think they are watching a movie but their personal information is actually being hijacked. Virus can also be transmitted through streaming audio files. It is hoped that quick implementation of these software updates my many Windows users will at least block video and audio attacks that would otherwise spread quickly around the web. It is not atypical for media software to receive updates on an ongoing basis, as the multi-media components are very vulnerable to attacks due to the large volume of internet-related media use. Researchers, however, still expect widespread problems, which is why anti-virus and anti-spyware protection is so important.
A different update, MS10-019, provides the patch for Authenticode Verification, the encryption and digital signing service Windows uses to verify legitimate software. According to Microsoft, hackers who exploit the two critical vulnerabilities could, said Microsoft, “cause Windows to install or run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
As previously mentioned, there are eleven total updates available for Microsoft users. For additional information regarding all of the updates and the vulnerabilities they address, visit Microsoft’s software update website. Most importantly, users should once again be reminded to purchase and regularly update anti-virus and anti-spyware software. The highjacking threats, in particular, are a threat to the personal and financial information of users without protection, especially for those who conduct any sort of financial business on-line. Although Microsoft has successfully issued updates to address these potential threats, it is extremely important to keep your own computer protection updated.
Here are some questions to ask yourself to see if you may be at risk:
Do you ever open emails from unknown senders?
When was the last time you scanned your computer for viruses?
Do you have a 2010 version of antivirus protection installed in your computer?
Does your computer feel bogged down? Is it running slower than the day you purchased it?
Is your personal information (such as date of birth, hometown, names of family members, etc.) readily available on any of the social networking sites?
If you answered YES to any of these questions you may be at serious risk!
Check out our Antivirus Solutions Page for the best antivirus software products and available Free scans to protect your computer.
Emily Shieldings – Covers internet security issues, malicious threats, computer virus threats from all around the world, and general technology breaking news for Antivirus Help Center.