Microsoft issued a formal security advisory late Tuesday on a reported zero-day flaw in Windows Vista and Windows Server 2008. However, the software maker also said that the flaw does not affect the final version of Windows 7, contrary to earlier reports.
"Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation," Microsoft said in the advisory. "We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time."
The flaw could allow an attacker to gain control of a system, … Read more
A pro-open-source group said on Tuesday that it has acquired 22 patents recently sold by Microsoft--patents that the group said could have been used against Linux.
The Open Invention Network said that the patents were purchased from Microsoft by an entity known as the Allied Security Trust. OIN said it has now acquired the patents from AST, although it wouldn't say how much it paid.
"Today's announcement evidences OIN's continued commitment to acquire patents that may be relevant to Linux," OIN CEO Keith Bergelt said in a statement. "The prospect of these patents being … Read more
Microsoft on Tuesday issued five critical Windows-related updates as part of its monthly Patch Tuesday release.
While the issues affect different versions of Windows differently, Microsoft said none of the issues apply to the final version of Windows 7, which Microsoft wrapped up in July.
The five bulletins address eight vulnerabilities. According to Symantec Security Response research manager Ben Greenbaum, the two vulnerabilities most likely to be used by attackers involve the way Windows handles ASF and MP3 media files. "We've seen similar exploits in the past and all a user would have to do is visit a … Read more
Ahead of a broadcasting conference that starts later this week in Amsterdam, Microsoft on Tuesday shared a few new details on the next version of Silverlight.
In particular, Microsoft said the next version of the Adobe Flash rival would support its PlayReady digital rights management technology for offline content. That feature should allow studios to offer extras commonly found on DVD and Blu-ray discs on movies that are distributed digitally, Microsoft said.
Microsoft has not said when the new version--Silverlight 4--will ship. Silverlight 3 was launched in July at an event in San Francisco.
At that time, Microsoft said it … Read more
Microsoft said on Tuesday that it is investigating reports of a zero-day vulnerability affecting Windows 7 and Vista.
The flaw in Windows 7 could allow an attack which would cause a critical system error, or "blue screen of death," according to researcher Laurent Gaffie.
Gaffie wrote in his blog that the flaw lies in a Server Message Block 2 (SMB2) driver.
"SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality," wrote Gaffie in a blog post Monday.
Gaffie said he had contacted Microsoft. Comments on his blog by other users said … Read more
Microsoft has at times alleged patent infringement in its attempts to stifle certain Linux-based applications. But one group is hoping to fight back by using Microsoft's own former patents.
The Open Invention Network (OIN), a group made up of Microsoft competitors and Linux advocates,said it's close an agreement to buy 22 patents that Microsoft sold to another organization earlier this year. According to Tuesday's Wall Street Journal, the patents may relate to Linux.
The OIN believes that getting these patents is critical to protecting Linux developers from costly lawsuits, according to the Journal. The concern is … Read more
A vulnerability in Microsoft's software for housing Web sites is now being used for "limited attacks" on the servers it's running on, the company said Friday.
Microsoft disclosed the Internet Information Services (IIS) vulnerability on Monday and said Friday it's still working on a security update to fix the problem. In the meantime, the advisory has instructions for a workaround, including disabling various elements of the vulnerable FTP (File Transfer Protocol) service to upload and download files.
According to the advisory, the vulnerability could let somebody run arbitrary code on a server using FTP on … Read more
Kai-Fu Lee, the president of Google's Greater China operation and the subject of a bitter employee custody battle between Google and Microsoft, will leave the search giant later this month.
Lee, who left Microsoft in 2005 to take over Google's operations in China, is resigning from the company to start his own venture and will be succeeded by a Google employee, the company confirmed Thursday evening. Lee's departure was first reported by the Wall Street Journal.
"With a very strong leadership team in place, it seemed a very good moment for me to move to the … Read more
Updated at 8:30 p.m. PDT with comment from i4i.
Microsoft has been granted a stay of a landmark injunction in a patent infringement case that would have required the software giant to stop selling its popular Word in its current form by next month.
The U.S. Court of Appeals for the Federal Circuit on Thursday granted Microsoft's motion for a stay, pending appeal, of an injunction issued in August by a federal judge that bars sales of Word that include a custom XML code found to infringe on patents held by i4i--the plaintiff.
"We are … Read more