Wed, Nov 30 2005 8:14
Exploits have been released for two Microsoft flaws this week, and users are advised to patch immediately.
The first exploit, for MS05-053 is reported to cause a DOS condition
, sending CPU usage to 100% when viewing a file in IE. The Microsoft security bulletin
for this vulnerability lists remote code execution as a possibility,
indicating future exploits could be more severe. Users with the hotfix
for GDI installed are protected from this issue.
The second flaw is related to vulnerabilities in MSDTC and COM+, and again the exploit is limited to a denial of service attack
rather than the remote code execution listed as a possibility on the security bulletin. The patch for this (MS05-051
) has been available since October 11
, and despite some users having problems with the update
, Microsoft recommends users apply the patch.
Filed under: Alerts