|
Chinese Blogs Detail Zero-day Flaw in Microsoft Works
Chinese-language blogs are detailing a zero-day vulnerability in Microsoft Works, the company's lower-end office productivity suite, according to security vendor McAfee. The vulnerability is within an ActiveX control for the Works' Image Server, wrote McAfee analyst Kevin Beets. A PC would need to visit a Web site engineered to exploit the flaw, Beets wrote.
A zero-day flaw is a software vulnerability that has become public knowledge but for which no patch is available. It is particularly dangerous since users are exposed from day zero until the day a vendor prepares a patch and notifies users it is ready. Proof-of-concept code was posted on a Chinese blog showing how the problem could cause Windows to crash, Beets wrote. Then, a few hours later, a working exploit appeared, which could allow malicious code to run on a machine.  View: The full story @ PCWorld Read full story... More... |
| All times are GMT +1. The time now is 03:17 AM. |
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.