Microsoft fixes a serious security hole

TipsMake.com - As announced last week, Microsoft has released two updates for two security holes that are classified as serious . A vulnerability arises in the process of exchanging data via POP3 and IMAP protocols can be used to trigger memory and data overflow errors in Outlook Express and Windows (Live) Mail applications. feedback from the mail server system is prepared by hackers. This allows hackers to infiltrate the system, executing malicious code arbitrarily at any level of user authorization.

In order to fall into the hacker trap, users do not need to interact with hackers' server systems. Hackers with access to the server system can also block information, data by attacking Man-in-the-Middle or directing clients to their server system by transferring DNS.

Outlook 5.5 and 6 are affected as well as Windows Mail and Live Mail of Windows 7, Vista, XP, Server 2003 and Server 2008. Microsoft has classified these vulnerabilities in the following order: with Windows 7, this error is not serious. weighted with Windows XP and Vista, because Windows 7 users need to install mail applications before the system is compromised. On the other hand, Windows 7 contains an error-causing component - it's inetcomm.dll. The update MS10-030 will thoroughly fix this error.

Another patch, MS10-031, will fix the memory overflow in Visual Basic application for Applications (VBA) that belongs to the process of holding and controlling ActiveX controls. Attackers can use prepared Office documents to activate and penetrate deep into the system. Microsoft has not given any specific information. Office XP, Office 2003, and 2007 Office System applications are all corrupted, similar to Visual Basic development tools and SDK.

Although Microsoft does not think these are too serious errors or can be linked together to facilitate further vulnerabilities, users should proceed to update the patches as soon as possible.