No announcement yet.

Microsoft's First Flaws for the New Year

  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft's First Flaws for the New Year

    Microsoft this week warned of a critical buffer overrun flaw in its Windows NT 4.0, Windows 2000, or Windows XP server (this is a mis-statement, i assume they mean Windows 2003 Server or Windows XP, Windows XP Server don't exist) that could allow an attacker to run his or her code of choice on a person's personal computer.
    Marking the first security bulletins of 2003, the Redmond, Wash. software outfit also warned of vulnerabilities in its Content Management Server 2001 and Outlook 2002.


    read more
    Last edited by Joe Gronlund; Thu 23 Jan '03, 5:04pm.
    Microsoft Beta Team

  • #2
    Not to be outdone, this one puts most open source projects at risk:

    A critical vulnerability has been found in the Concurrent Versions System (CVS), which is used by the vast majority of open-source projects to update and maintain source code, according to an advisory from the Computer Emergency Response Team (CERT) Coordination Center.

    The security hole allows attackers to take control of a CVS server and alarmingly, it may also allow anonymous attackers to fiddle with open-source code at the development level.

    "There is a significant secondary impact in that source code maintained in CVS repositories could be modified to include Trojan horses, backdoors, or other malicious code," a CERT advisory said.

    More info at


    • #3
      MS had been doing pretty good for awhile too. It's been at least a month since I've had to download an update from their site.
      Console Racing Review


      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.