Over the past two days, the Windows operating system has continued to be a target for hackers through vulnerabilities that have been discovered recently.
Initially, the exploits were carried out through two vulnerabilities disclosed in security bulletins MS05-053 and MS05-051. In fact, the exploitation began earlier this week but remained at a small, insignificant scale.
One of the two exploit methods took advantage of a critical vulnerability in the way Windows processes files saved in the Windows Metafile graphic format. This security flaw could cause the system to freeze and require a restart. Microsoft previously patched the graphic vulnerability in the security bulletin MS05-053, released on November 8, 2005.
The second exploit method exploited a vulnerability in the Microsoft Distributed Transaction Coordinator (MSDTC) mechanism, which was disclosed and patched in the security bulletin MS05-051, released on October 11, 2005. MSDTC is a component of the operating system commonly used by database software to manage transactions.
Recently, a vulnerability in Internet Explorer (IE) was also discovered, which could allow a type of Trojan to infiltrate and take control of the system if users inadvertently visit “malicious” websites.
Microsoft recommends that users promptly update their Windows operating system to mitigate the risk of attacks from hackers and viruses. Specifically, for the two mentioned vulnerabilities, users can download the updates from security bulletins MS05-053 and MS05-051.
