Microsoft Corp. released the second installment of its now monthly security bulletins, patching three software holes in Windows systems that it said were “critical” security risks and a fourth problem with Microsoft Office that the company rated “important.” Taken together, the security holes could allow attackers to set up Web pages to take advantage of vulnerable systems and read files or run attack code on a remote user’s Windows machine, Microsoft said. One bulletin, MS03-049, affects Windows 2000 and Windows XP workstations and fixes a critical buffer overrun vulnerability in a Windows service called the Workstation Service, which manages requests for files or printing services on a LAN. That service is turned on by default in Windows and could be compromised by an attacker using an improperly formatted network message that was sent to a vulnerable machine. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.