Human error in the Windows operating system, making human error analysis of the Embedded OpenType font (EOT). EOT font is designed for use in web pages and also used in Microsoft Word documents, PowerPoint. Microsoft reviews the error is at risk "severe" and predicted, exploit code error occurs within 30 days.
Researchers at security outside the company (such as Jason Miller of Shavlik Technologies, HD Moore of Rapid7) then said that exploit code error occurs sooner.
According to Mr. Moore, bugs can be exploited by attacks "drive-by" to appropriate the system silently install Windows 2000 or Windows XP (but not run the patch MS09-065) when the system visit the site "poison . If Windows Vista system, if successfully exploited, the hacker can access your computer (but can not be used to infect malware).
The operating system Windows 7, Windows Server 2008 R2 does not "stick" EOT hole but Windows 7 RC can stick. Users can download MS09-065 and installed through Microsoft Update, Windows Update or Windows Server Update Services.
According to Computerworld, November 11, 2009
No comments:
Post a Comment