April 2013 Issue

Threat of the month

Threat of the month: Universal Plug and Play vulnerabilities

Subscribe
Archive

Subscribe	Advertising

Archive	Login \| Register

House Intelligence Committee OKs amended CISPA

Poll results: Is the cyber security executive order good enough?

LIVE NOW: Mobile security eSymposium

SC Editions

Chuck Miller

March 12, 2009

Microsoft patch may not work

One of the patches issued by Microsoft this week does not fix one of the vulnerabilities it was meant to, according to PandaLabs. Bulletin MS09-008 was supposed to patch four flaws, but one of them -- related to Web Proxy Autodiscovery Protocol (WPAD) registration -- was not resolved, Panda said in a news release. Even with the patch, the bug is still active and can be used to launch man-in-the-middle attacks on Windows DNS servers, allowing an attacker to possibly access sensitive information, Panda said. — CAM

Microsoft patches for GDI, DNS vulnerabilities

Editorial

Threat of the month

House Intelligence Committee OKs amended CISPA

Poll results: Is the cyber security executive order good enough?

LIVE NOW: Mobile security eSymposium

Microsoft patch may not work

Next Article in News

Google's interest-based advertising sparks privacy debate

Sign up to our newsletters

SC Magazine Articles

More in News

Bitcoin mining botnet has become one of the most prevalent cyber threats

House Intelligence Committee OKs amended version of controversial ...

Judge rules hospital can ask ISP for help ...