News

Critical fixes appear for Windows and Exchange

Antony Savvas

Microsoft has issued two critical security patches to protect its Exchange e-mail platform and its Windows operating system.

The patches are part of Microsoft's monthly scheduled security update cycle.

Critical flaws in Microsoft Exchange Calendar and Adobe's Macromedia Flash Player running on Windows could allow remote attackers to run arbitrary code on users’ systems, said Microsoft.

The company has also issued a patch to address a “moderate” threat for a flaw in Windows. This third patch blocks a weakness that could allow a malicious attacker to launch a denial-of-service attack by sending a network message through the system to exploit the flaw.

On the Exchange flaw, Microsoft said, “An attacker could exploit the vulnerability by constructing a specially crafted message that could potentially allow remote code execution when an Exchange Server processes an e-mail with certain properties.”

Security software company Symantec warned users that the Exchange flaw was the most serious of the three vulnerabilities patched.

The Macromedia Flash Player flaw affects versions 5 and 6, and could be used to take over users’ systems if they visit certain malicious websites.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy