Even after they announced their "Secure Computing" initiative several years ago, they still have major holes like this...
==========================================
Report says a newly discovered flaw could expose hundreds of millions of Windows PCs to virus.
January 3, 2006: 11:08 AM EST
NEW YORK (CNNMoney.com) - The new year is off to a rocky start at Microsoft, where security experts are scrambling to confront a potentially massive virus threat to Windows PCs.
According to a report Tuesday in the Financial Times, the latest vulnerability involves a flaw which allows hackers to infect computers using programs inserted into image files. The threat was discovered last week. But it mushroomed over the weekend, when a group of hackers published the source code they used to exploit the flaw.
What makes this threat particularly vicious, according to the Times, is that unwitting victims can infect their computers simply by viewing a web page, e-mail, or instant message that includes a contaminated image. That differs from most virus attacks, which require a user to actually download an infected file.
"The potential [security threat] is huge," Mikko Hypponen, chief research officer at F-Secure, an antivirus company, told the Times. "It's probably bigger than for any other vulnerability we've seen.
"Any version of Windows is vulnerable right now," said Mr. Hypponen, including every Windows system shipped since 1990.
Microsoft (Research) said in a security bulletin on its Web site, "we are working closely with our antivirus partners and aiding law enforcement in its investigation."
==========================================
Report says a newly discovered flaw could expose hundreds of millions of Windows PCs to virus.
January 3, 2006: 11:08 AM EST
NEW YORK (CNNMoney.com) - The new year is off to a rocky start at Microsoft, where security experts are scrambling to confront a potentially massive virus threat to Windows PCs.
According to a report Tuesday in the Financial Times, the latest vulnerability involves a flaw which allows hackers to infect computers using programs inserted into image files. The threat was discovered last week. But it mushroomed over the weekend, when a group of hackers published the source code they used to exploit the flaw.
What makes this threat particularly vicious, according to the Times, is that unwitting victims can infect their computers simply by viewing a web page, e-mail, or instant message that includes a contaminated image. That differs from most virus attacks, which require a user to actually download an infected file.
"The potential [security threat] is huge," Mikko Hypponen, chief research officer at F-Secure, an antivirus company, told the Times. "It's probably bigger than for any other vulnerability we've seen.
"Any version of Windows is vulnerable right now," said Mr. Hypponen, including every Windows system shipped since 1990.
Microsoft (Research) said in a security bulletin on its Web site, "we are working closely with our antivirus partners and aiding law enforcement in its investigation."
![[clap]](/images/smilies/icon_smile_clap.gif "Clap [clap]"){kind=icon}
![[rofl]](/images/smilies/icon_smile_rofl.gif "ROFL [rofl]"){kind=icon}