A bug in Microsoft's software gives hackers a way to exploit virtual Windows machines which would be attack-proof if they were running on real hardware, a researcher said today.
The flaw is in some of Microsoft's virtualization software, including Windows XP Mode, the free add-on for Windows 7 that lets users of the newer OS run older applications in a virtual machine.
Core Security went public with information about the flaw yesterday, seven months after reporting the problem, because Microsoft declined to patch it. "They don't believe this requires a patch," Ivan Arce, CTO of Core Security, said in an interview today. "They said that they would address it with an update or in a service pack some time in the future. We believe this needs to be fixed sooner."
Microsoft confirmed today that a security update for its Excel spreadsheet had turned English text in an important Windows tool into Chinese.
Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers. The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user's system, Adobe said in an advisory. The vulnerability affects Adobe Download Manager on Windows (prior to February 23, 2010).
Recent comments
14 weeks 4 days ago
14 weeks 5 days ago
14 weeks 6 days ago
14 weeks 6 days ago
14 weeks 6 days ago
15 weeks 11 hours ago
18 weeks 1 day ago
19 weeks 3 days ago
21 weeks 5 days ago
22 weeks 20 hours ago