Ad: Manage updates with the Download App
ie8 fix

VBScript

Microsoft to fix 25 holes in Windows, Office, Exchange

Microsoft will issue 11 security bulletins in next week's Patch Tuesday to fix 25 vulnerabilities in Windows, Microsoft Office, and Exchange, including two holes for which exploit code is in the wild.

Five of the bulletins address critical vulnerabilities that could allow an attacker to take control of the computer, five are rated important, and one is rated moderate.

With the updates, Microsoft will be closing two outstanding security advisories that have been worrisome because code to exploit the vulnerabilities is available publicly.

One of the advisories is 981169, which involves a vulnerability in VBScript that could allow the … Read more

Microsoft warns of zero-day hole for older Windows

Microsoft warned of a new hole on Monday that could be exploited by attackers to take control of older Windows systems running Internet Explorer and for which proof-of-concept exploit code has been released publicly.

The vulnerability affects Windows 2000-, XP- and Server 2003-based systems. It exists in the way that Visual Basic Scripting, or VBScript, interacts with Windows Help files, Microsoft said in its security advisory. VBScript is an Active Scripting language for executing functions embedded in Web pages.

In an attack scenario, victims would somehow be lured to visit a malicious Web site that displays a specially crafted dialog … Read more