Security firm finds extremely critical flaw in Windows

Exploits already traced in the wild


7 November 2006 11:08 GMT / By Amber Maitland

Security firm Secunia has found another flaw in Windows, this time in the Microsoft XML Core Services.

The flaw, which is located specifically in the XMLHTTP 4.9 ActiveX Control, allows hackers to gain control of PCs when users visit a malicious website using Internet Explorer. Secunia has rated it as “Extremely critical” as it’s already being exploited.

Microsoft has already responding by posting on the Security Response Team Centre blog and on it security site. It says that it’s aware of “limited” attacks but that a security update will be released, either in the monthly update or in an out-of-cycle release.

It affects people using Windows 2000 server products and 2000 Professional, as well as Server 2003 products, and XP Home and Professional editions.

Secunia has also previously reported what it claims are two flaws in IE7 shortly after the application was released; Microsoft countered that one was actually a bug in Outlook, not in IE7.
Full tags
Software, PC software, Operating Systems, Microsoft

share print story pdf email story

Recommended articles

Recommended articles from around the web
Loading

Best iPad 2 apps

We detail the best iPad 2 and iPad apps in the app store Which iPad app should you download?

Best new iPad apps

We detail the best iPad apps in the app store for your new Retina Display Which iPad app should you download?

Windows 8

First Look: Windows 8 Consumer Preview reviewed

The new iPad

The new iPad: Everything you need to know

Pocket-lint poll

Q. Does the Samsung Galaxy S III deliver what you hoped for?

Vote YES Vote NO

» LAST TIME
When asked Would you switch from iOS to Android? 54% said yes and 46% said no