Description: This security update resolves a privately reported vulnerability. This spoofing vulnerability exists in Windows DNS clients and could allow an attacker to send specially crafted responses to DNS requests, thereby spoofing or redirecting Internet traffic from legitimate locations. Keep reading →

Microsoft has released security bulletin MS07-053. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

• Home users:
  

  ” title=”http://www.microsoft.com/technet/security/bulletin/ms07-053.mspx

” class=”autohyperlink” target=”_blank”>www.microsoft.com/technet/security/bulletin/ms07-053.mspx

Description: This important security update resolves two privately reported vulnerabilities in addition to other vulnerabilities identified during the course of the investigation. These vulnerabilities could allow an anonymous remote attacker to run code with the privileges of the logged on user. If a user subscribed to a malicious RSS feed in the Feed Headlines Gadget or added a malicious contacts file in the Contacts Gadget or a user clicked on a malicious link in the Weather Gadget an attacker could potentially run code on the system. Keep reading →

Description: This important security update resolves two privately reported vulnerabilities that could allow code execution if a user viewed a specially crafted file in Windows Media Player. Keep reading →

Description: This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows that could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Keep reading →

• Some questions to ask yourself when assessing reported security breaches in Windows Vista
  A good description of how to identify ‘vulnerability theatre’.
  (tags: Security Vulnerability )
• Windows Vista Family Discount Program concludes at month’s end
  You only have a few more days to take advantage so act now if you’re thinking about it!
  (tags: PR )

A good description of how to identify ‘vulnerability theatre’. Keep reading →

The Windows Vista Blog pointed out a new report by Jeff Jones (a Microsoft Director from the Trustworthy Computing group). The conclusion? Vista is still faring better than other OSs, even though it’s under a larger microscope. Keep reading →

Feels a bit like ‘Wack-a-Mole”, but Windows security has always been that way. We knew a patch was coming for the hyped ‘animated cursor’ vulnerability. Along with it came fixes for two other issues as well. Now that we’re all patched up, Virus.org today pointed out that Symantec is warning of another seven vulnerabilities (nine in actuality) in Vista’s network services. Keep reading →

If you use an ATI video card, be aware of this vulnerability with the ’slideshow’ feature. Keep reading →