Microsoft reveals 'critical' flaw
- Subject: Microsoft reveals 'critical' flaw
- From: Gary Stoneburner <gary.stoneburner@nist.gov>
- Date: Fri, 25 Jul 2003 17:04:24 -0400
- Content-Type: multipart/alternative; boundary="=====================_5691031==.ALT"
re:
http://news.com.com/2100-1002_3-5053428.html?tag=fd_top
"Microsoft issued another passel of warnings about security holes
Wednesday, including a "critical" flaw that affects most
Windows PCs. ... The flaw is unusually widespread, affecting
all versions of DirectX from version 5.2 to the current 9.0a running on
all versions of Windows from Windows 98 through the new Windows Server
2003, according to the Microsoft bulletin. The flaw, which received
Microsoft's highest severity rating, involves the way DirectX handles
MIDI
music files. A malformed MIDI file could overrun the buffer in DirectX, at which point extra software embedded in the file would be executed."
But it was just a music file !?!?
Them and us. The bad guys and the good guys. But as far as chances of winning - "us" are like Iraq (those of us doing a "good" job - Republican Guards, the rest - regular Army) and "them" is like the US III Corps. Whose gonna win?
Cheers,
Gary
**************************************************************************
* Opinions expressed are not intended to reflect an official position
**************************************************************************
* Gary Stoneburner
* Computer Security Division, National Institute of Standards & Technology
* 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930
* Phone: 301-975-5394, FAX: 301-948-0279, Email: Stoneburner@nist.gov
* http://csrc.nist.gov/staff/stoneburner/gshome.html
**************************************************************************
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov