Hackers exploit critical new Microsoft patches

Microsoft has warned that exploit code is already circulating on the internet that can take advantage of two of the security holes it issued patches for this week.

Download this free guide

The importance of web security

Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Two critical security flaws allow remote hackers to take complete control of a user’s machine via holes in Microsoft’s Windows Media Player and Windows/MSN Messenger instant messaging applications.

The rogue code has been reported by various security software companies, including McAfee, which has called the exploit “Exploit-PNGfile”. The applications in question can be attacked using malformed PNG image files.

Security company Websense warned on Tuesday, the day of the patch issue, that hackers would soon be circulating exploit information for the security holes.

Microsoft issued 12 security patches this week, eight of which it classed as critical. The company said the issued patches would prevent the reported exploit code working.