Network Security, Patch/Configuration Management, Vulnerability Management

Microsoft patch may not work

One of the patches issued by Microsoft this week does not fix one of the vulnerabilities it was meant to, according to PandaLabs. Bulletin MS09-008 was supposed to patch four flaws, but one of them -- related to Web Proxy Autodiscovery Protocol (WPAD) registration -- was not resolved, Panda said in a news release. Even with the patch, the bug is still active and can be used to launch man-in-the-middle attacks on Windows DNS servers, allowing an attacker to possibly access sensitive information, Panda said. — CAM

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.