Microsoft Windows is a very popular operating system released by Microsoft. A remote code execution vulnerability exists in the MFC component provided by Microsoft Windows. When a user interacts with a malformed embedded OLE object in an RTF file, it can cause memory corruption and execute arbitrary code on the user's system. To this end, Microsoft is constantly releasing new security patch updates on Tuesdays. It is reported that on Tuesday, Microsoft released its November security patch update, which fixes 15 vulnerabilities in Windows, Windows Server, Office and other software. .
It is understood that in November, Microsoft released a six-month security bulletin, three of which are the highest severity level, and the other three are important levels, repairing a large number of Windows and Office suites Vulnerabilities.
In these 15 security bulletins, the MS09-065 announcement is the most critical. A total of 3 vulnerabilities in the Windows kernel have been fixed. One of the vulnerabilities can affect the Windows kernel's parsing of embedded OpenType fonts. This is the most critical because the vulnerability has been made public before Microsoft issued the announcement.
Jason Miller, head of data and security at Shavlik Technologies, said that an attacker could exploit this vulnerability to remotely execute malicious code and use embedded fonts to create a malicious web page that would allow an attacker to control a user's computer.
In addition, the MS09-063 security bulletin fixes a vulnerability in Windows Vista and Windows Server 2008 that can affect Web services in the Devices API (WSDAPI).
Finally, there is an MS09-064 security bulletin for fixing Windows kernel vulnerabilities that addresses a privately reported vulnerability in Windows 2000 that could allow an attacker to remotely execute arbitrary code and successfully exploit this vulnerability. The attacker can fully control the victim's system.
The following is the details of the November security bulletin released by Microsoft:
#1, Announcement Number: MS09-063(KB973565)
Details: MS09-063 Security Bulletin Fixed a privately reported vulnerability in the Windows Services Web Services on Devices Application Programming Interface (WSDAPI). This vulnerability could lead an attacker to execute arbitrary code remotely if the affected Windows system receives a specially crafted packet. However, only an attacker on the local subnet can exploit this vulnerability.
Security Level: Critical
Affected Software: 32-bit and 64-bit Windows Vista SP2/Server 2008 SP2 Previous 12 Next Total 2 Pages
The League of Legends is a heroic battle online game operated by Tencent Games, which is very popula
In working life, we often share some documents with other computers. However, when
Presumably, many of my friends are just like Xiaobian. It’s a troublesome person. Is it a person who
When we installed Win7 system, the general system is in the C drive. Therefore, if
How to open the Win7 system taskbar?
Can win7 system install wallpaper engine?
How does the Windows 7 system determine whether it is activated?
How to configure IP address with Win7 command line
Win7 uses Sogou input method to input Chinese when prompted to stop working solution
What should I do if the WinAR system RAR compressed file is opened as a notepad?
How to change the working group of Win7 system
How to solve the problem that Win7 can't open the webpage and the prompt is offline
How to insert a SmartArt graphic into a Word document under win7 system
Check out the shortcuts for quickly opening windows programs.
The "crack patch" of Windows8 system is mostly bundled with Trojan
Win8 Start Screen Operation Shortcut: Easily Switch Current Account
Millet portable wifi win8.1 driver installation
Win10 10061 black screen blue screen emergency patch KB3055415 how to install?
What should I do if the network of the win10 system is dropped?
Microsoft Win8 app store is also on holiday?
Blue Finger Android Simulator Bluestacks sends pictures of tips