Wednesday 13 June 2007

Microsoft Patches 17 Flaws in Client Products

by Alex Woodie

Server operators could breathe a little easier following the latest round of patches by Microsoft yesterday, but PC administrators must still be on guard. The Patch Tuesday event for June continued the recent spate of client-side vulnerabilities with four critical patches, one important patch, and one moderate patch fixing 17 separate security problems in Microsoft's client-side products. And at least one security expert contends Microsoft attempted to conceal a major programming gaffe in Windows Vista by labeling a flaw moderate instead of giving it the critical label it deserved.

The one Microsoft patch causing a little stir is Microsoft Security Bulletin MS07-032, which fixes what Microsoft has deemed a moderate information disclosure flaw in the 32-bit and 64-bit versions of Windows Vista. This flaw, which officially is called the Permissive User Information Store ACLs Information Disclosure Vulnerability, could allow a user with limited rights and privileges to access local user information data stores, including the user names and passwords of the system administrator.