When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Attacks Launched Against Unpatched Windows Bug

For the second time in less than a week, Microsoft has acknowledged that attackers are exploiting a critical, unpatched flaw in Windows to snatch PCs from their owners. The new bug, which is in an ActiveX component of Microsoft XML Core Services 4.0 -- a service that lets developers use scripting languages such as JavaScript and Visual Basic to access XML documents -- is being put to work now by attackers, Microsoft admitted in a security advisory posted late Friday.

"We are aware of limited attacks that are attempting to use the reported vulnerability," said Ben Richeson, a program manager with the Microsoft Security Response Center, in a blog entry Saturday. "We'll continue to monitor the situation and provide updates should the situation change," Richeson added. A hacker can hijack PCs running Windows 2000, Windows XP SP2, or Windows Server 2003 by enticing Internet Explorer-equipped users to a malicious Web site, where the vulnerability would be exploited.

View: The full story
News source: CRN

Report a problem with article
Next Article

AMD brings next-generation graphics to the Apple Power Mac

Previous Article

Microsoft Mobile 10.7 Beta Refresh

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment