Bill Sisk reported in The Microsoft Security Response Center (MSRC)
blog that Security Advisory 943521 has been updated after they became
aware of publicly disclosed exploit code being used in limited attacks
on customers.
"Third
party applications are currently being used as the vector for attack
and customers who have applied the security updates available from
these vendors are currently protected. However, because the
vulnerability mentioned in this advisory is in the Microsoft Windows
ShellExecute function, these third party updates do not resolve the
vulnerability – they just close an attack vector."
The
reported attacks are limited, however, the normal warning applies
regarding the not opening unsolicited attachments in emails, regardless
of the sender. The additional caution of not visiting untrusted
websites applies equally.
MSRC Blog Post:
October 25th Update To Security Advisory 943521Original SG post:
Microsoft Security Advisory 943521 Released
Remember - "A day without laughter is a day wasted."May the wind sing to you and the sun rise in your heart...
Posted
Oct 29 2007, 06:59 PM
by
Corrine
Did you enjoy this article? If yes, then subscribe to our
