January 8, 2008
Today Microsoft released two system software updates, one of which is rated as a critical severity.
The MS08-001: "Vulnerabilities in Windows TCP/IP Could Allow Remote Code
Execution (941644)" is the first Microsoft vulnerability of the calendar year. This permits remote exploit of the host computer, and affects all versions of Windows 2000, Windows XP, Windows Vista, and Windows Server 2003.
Users are advised to apply the updates immediately.
More info on MS08-001 can be found at http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx
The second update, MS08-002 "Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)" is rated as an Important severity.
Posted by Thomas Siu at 02:17 PM