This vulnerability is due to a default configuration that allows files to be downloaded without prompting the user. In addition, downloaded files can be opened with a single click, which could allow a user to inadvertently open a malicious file.
Archive for September, 2008
Microsoft has issued a Security Bulletin Advance Notification indicating that its September release cycle will contain four bulletins, all of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, and
Visual Studio. Release of these bulletins is scheduled for Tuesday, September 9.
spam email messages are being sent that appear to come from high-level DHS officials, some of which attempt to entice the user into an advance fee fraud scam. In some cases, the sender’s address has been spoofed so that the email appears to come from a legitimate dhs.gov address.