We are posting daily laptop Computer Vulnerabilities as a total Laptor Repair resource portal...
(MS07-048) Microsoft Vista Feed Headlines Gadget Remote Code Execution Vulnerability (938123)
A vulnerability is present in Microsoft Vista Feed Headlines Gadget that may allow for arbitrary code execution. Exploitation could occur by processing a maliciously crafted RSS feed.
Timeline -
8/14/2007
Vendor has provided a patch.
Description -
Gadgets are applications that provide special functionality such as supplying data or utility functions. A vulnerability exist in Microsoft Vista Feed Headlines Gadget that may allow for arbitrary code execution. The flaw lies in processing of maliciously crafted RSS feeds. Successful exploitation would allow for code execution at the rights level of the victim and would rely on coercing the victim to sign up for the malicious RSS feed.
Recommendations -
Download and install the patch available from Microsoft (938123): http://www.microsoft.com/technet/security/Bulletin/MS07-048.mspx
McAfee Product Mitigation
Thursday, September 27, 2007
Latest Virus Spyware Microsoft Vulnerability 9/27/2007
Posted by TUFFY at 6:40 AM
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment