CPE: McAfee AudioParasitic: Episode 37: M$ Sec bulletin
length: 00:10:50
interesting:
M$ vista speech recognition (released Feb last year)
Website controlling your machine
The are setting the killbit
MS08-036: PGM DoS Vulnerability, vulnerabilities in the Pragmatic General
Multicast (PGM) protocol that could allow a denial of service if malformed PGM
packets are received by an affected system. An attacker who successfully
exploited this vulnerability could cause a user’s system to become non-responsive
and to require a restart to restore functionality.
Specially crafted packet, you must have M$ messaging
queue 3.0, - not installed by default in 2000/XP, default in Vista
MS08-033: A couple of media Player vulnerability, vulnerabilities
in Microsoft DirectX that could allow remote code execution if a user opens a
specially crafted media file. An attacker who successfully exploited either of
these vulnerabilities could take complete control of an affected system.
MJPEG decoder
This should be good combined with iFrame
MS08-031: vulnerability could allow remote code execution
if a user viewed a specially crafted Web page using Internet Explorer.
MS08-035: vulnerability in implementations of Active
Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows
Server 2008; Active Directory Application Mode (ADAM) when installed on Windows
XP Professional and Windows Server 2003; and Active Directory Lightweight
Directory Service (AD LDS) when installed on Windows Server 2008. The
vulnerability could be exploited to allow an attacker to cause a denial of
service condition. On Windows XP Professional, Windows Server 2003, and Windows
Server 2008, an attacker must have valid logon credentials to exploit this
vulnerability.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home