• Home
  • Reviews
  • Articles
  • News
  • Tools
  • GamingHeaven
  • Forums
  • Network
 

Go Back   DriverHeaven.net > Forums > News > News
Reload this Page

Microsoft warns of virtual machine vulnerability

Register FAQ Members List Search Today's Posts Mark Forums Read

Notices
DriverHeaven is currently recruiting for the AWOMO Beta Test / Elite Op Team. AWOMO is a digital download service for games, and we're looking to expand the beta team. If you're interested. Sign up as a member here at DriverHeaven and then head HERE to submit your details. Thanks
For more info on AWOMO visit their site HERE
Welcome to the DriverHeaven.net forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact us.

Reply
 
LinkBack Thread Tools
Old Apr 9, 2003, 05:36 PM   #1
Burned
 
Zardon's Avatar
 
Join Date: May 2002
Posts: 29,782
Rep Power: 1104
Zardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his statusZardon is godlike in his status

Microsoft warns of virtual machine vulnerability
BOSTON -- Microsoft warned users on Wednesday about two new security vulnerabilities affecting its Microsoft Virtual Machine, Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 products.

The Microsoft Virtual Machine (VM) contains a critical vulnerability that could allow a remote attacker to gain control of affected machines, according to security bulletin MS03-011. (See http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-011.asp.)

The vulnerability, in code for a VM process called the ByteCode Verifier, could enable an attacker to use illegal sequences of byte codes to bypass security checks in the software, Microsoft said.

The ByteCode Verifier process is responsible for checking code as it is being loaded into the Virtual Machine, the company said.

Attackers could launch an attack using a Java applet embedded in a Web page or HTML (Hypertext Markup Language) format e-mail message. Once compromised, a vulnerable machine could be used to run the attacker's code, though only with the permission of the active user account, Microsoft said.

The Microsoft Virtual Machine is a key component of all supported versions of the Windows operating system, including Windows 2000 and Windows XP. It is also shipped with the Internet Explorer Web browser and other Microsoft software, the company said. Paul Roberts
Zardon is offline   Reply With Quote


 

  
Powered by: vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0
vBulletin implementation by Craig '5320' Humphreys

Contact Us - DriverHeaven.net - Top
All times are GMT -5. The time now is 01:15 AM. Copyright ©2008 HeavenMedia.net