Friday, December 13, 2013

CPE: McAfee AudioParasitic: Episode 44: M$ sec bulletin


length: 00:12:34

all interesting – all uniform – all critical /remote exec

interesting:

MS08-052: vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. 
Affects many applications: Visio, works, forpro
Group GDI vulnerability

MS08-054:  vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. 
Media related social engineering to lure ppl fall into trap
Remote execution leading to full control

 MS08-055:  vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. 

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home