Microsoft fixes 'dangerous' errors for Windows

Yesterday (March 10) Microsoft released an update to block an extremely dangerous vulnerability in the kernel of almost every version of the Windows operating system that is available on the market .

This patch is part of a total of 3 major updates from the March update that was officially released by Microsoft yesterday. In total, this phase has 8 security bugs fixed.

MS09-006

The major update aims to fix three different security flaws in the Windows operating system kernel. Microsoft classified this update as "extremely dangerous" because if successful exploitation of these errors, hackers could gain the right to execute malicious code on the user's PC.

' If you successfully exploit this security error, hackers can remotely control binary code execution at the kernel level (kernel mode). This means hackers can freely install software, edit, delete data or create new user accounts with full access on the user's PC , 'Microsoft said in Security warning message.

Specifically, this update aims to overcome security flaws that arise during the authentication of user data (user mode) processing in the GDI operating system graphics processing unit.

Hackers can attack users by creating image files in a malicious EMF or WMF format. The method of distribution can be via the website or included in the email. If users open these files, then surely their PC will be hijacked by hackers.

Microsoft confirmed that this security flaw exists in almost every version of Windows operating system from Windows 2000, Windows XP to Windows Server 2003, Windows Vista and Windows Server 2008.

This is not the first time Microsoft has fixed the dangerous security bugs that arise in GDI. Last year the company had to fix errors three times in the composition of this Windows operating system kernel. The last time Microsoft fixed GDI errors was December 2008.

But Microsoft said that it is possible for hackers to quickly develop the code to exploit the vulnerability within a month after the company released a bug fix update. But with such an easy way of exploiting errors, hackers will not easily ignore this opportunity to attack users.

MS09-008

Behind MS09-006 about the danger level is MS09-008. This update aims to overcome a total of 4 different security errors arising in the DNS Server and WPAD WINS Server of Windows operating systems.

There is no doubt that these errors are related to the extremely dangerous 'DNS cache poisoning' (DNS cache poisoning) vulnerability discovered last year by security researcher Dan Kaminsky.

Kaminsky then asserted that if successful in "poisoning DNS cache" hackers will be able to gain control of a huge number of different websites - even if they can take control Internet. Nearly all of the big names in the world 'technology' village have joined hands to overcome this error.

Content from Microsoft's security warning message indicates that if successful exploitation of these errors, hackers can also insert records into the DNS Server cache, predicting the IDs to be transferred or spoofed Web Proxy Help them control user access redirection. Users can still enter a legitimate website address but are led by hackers to their own malicious website.

The above DNS error only affects the server-specific versions of Windows such as Windows 2000 Server, Windows Server 2003 and Windows Server 2008.

Although the error is dangerous, Microsoft only puts the MS09-008 update at an important level. This shows that Microsoft does not appreciate the possibility that hackers can exploit security vulnerabilities to attack users. But unfortunately Microsoft has omitted a detail that has been exploiting the error code that DNS repaired last year was launched on the Internet. Perhaps this error should be classified as 'extremely dangerous' (critical).

MS09-007

This update aims to fix a security flaw in the Schannel (Secure Channel Security Package) security package. If successfully exploited this error, hackers can use the user's login credentials to gain access to any server.

To be able to successfully exploit this security error, hackers must be able to access the certificate (certificate) of the user. Therefore, Microsoft does not appreciate this security error. However, Microsoft still classified this update as 'dangerous'.

Almost every operating system version is affected by this security error, such as Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Recommendation

Microsoft recommends that users should quickly download and update the above fixes to avoid the possibility of being exploited by hackers. Ideally, users should turn on the Windows auto-update feature so that the operating system automatically confirms the download and installation of necessary fixes whenever released by Microsoft.

It is noteworthy that in this March update, Microsoft did not release a file format fix for all versions of Microsoft Excel - including the latest version of Excel 2007 for Windows. and Excel 2008 for Mac OS.

Previously, security experts said that it seems that Microsoft has not had enough time to develop and test fully to ensure the quality of the fix so it cannot be released yet. In the meantime, users should avoid opening Excel files sent from unknown sources.