Critical fixes appear for Windows and Exchange


Critical fixes appear for Windows and Exchange

Antony Savvas

Microsoft has issued two critical security patches to protect its Exchange e-mail platform and its Windows operating system.

The patches are part of Microsoft's monthly scheduled security update cycle.

Critical flaws in Microsoft Exchange Calendar and Adobe's Macromedia Flash Player running on Windows could allow remote attackers to run arbitrary code on users’ systems, said Microsoft.

The company has also issued a patch to address a “moderate” threat for a flaw in Windows. This third patch blocks a weakness that could allow a malicious attacker to launch a denial-of-service attack by sending a network message through the system to exploit the flaw.

On the Exchange flaw, Microsoft said, “An attacker could exploit the vulnerability by constructing a specially crafted message that could potentially allow remote code execution when an Exchange Server processes an e-mail with certain properties.”

Security software company Symantec warned users that the Exchange flaw was the most serious of the three vulnerabilities patched.

The Macromedia Flash Player flaw affects versions 5 and 6, and could be used to take over users’ systems if they visit certain malicious websites.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy