Friday, March 14, 2014

Microsoft Patch Tuesday for March 2014

Microsoft has plugged a critical vulnerability in its Windows XP operating system in its latest patch Tuesday update, just weeks before it is due to end support for the decade-old platform. The Windows XP patch related to a critical vulnerability in the operating system's DirectShow service that could theoretically have been used by hackers to remotely execute code. Microsoft downplayed the significance of the vulnerability, confirming that it had been disclosed to the firm privately and only affects Windows XP. However, the flaw is troubling as Microsoft is due to officially cease support for Windows XP on 8 April. The cut-off has led to concerns within the security community. Experts from EY, FireEye and Trend Micro said they believe hackers are preparing XP exploits for use after Microsoft officially cuts support which could pose seriously problems for firms still running XP. Microsoft also released a permanent fix for a critical flaw in Internet Explorer (IE). FireEye discovered the flaw on 14 February and it is known to have been used by criminals to mount a sophisticated hacking campaign, codenamed Operation SnowMan. <more>

No comments: