As another patch Tuesday passes, the latest security installation only carried three parts and only one of these was deemed critical! However, it is just as well that this flaw has been fixed as it could have been an easy way for hackers to execute a malicious code by remote, fortunately this would require some action from the computer user!
According to Joshua Talbot, the security intelligence manager, at Symantec Security Response, “The lone critical issue this month – the DVR-MS vulnerability – will be somewhat trivial for attackers to exploit,”
“It also allows attackers to skip a few of the traditional steps needed to get malicious code to execute on a targeted computer. This is because when processing DVR-MS files, Windows Media Player and Media Center use data in these files themselves to determine what code in memory gets executed. This allows an attacker to jump directly to executing malicious code.”
It is not over yet, as some security experts are predicting that April is going to be a bumper month for updates and as per the usual line these security experts and of course Microsoft are recommending that these updates are installed as soon as possible, but do users act that quick? Research tells us that traditionally they do not!
Source [PC World]