• On TechRepublic: Get 5 cool Microsoft apps -- for free
April 16, 2008 1:45 PM PDT

Symantec warns of attempts to target Windows hole

by Elinor Mills
  • Font size
  • Print
  • 2 comments

Symantec is warning Windows users to install a critical patch or risk losing control of their computers.

(Credit: Symantec)
The firm has seen attempts to exploit a GDI (graphics device interface) vulnerability in Windows that Microsoft patched last week, says Alfred Huger, vice president of development for Symantec Security Response.

"It's our belief that the vulnerability is being successfully targeted," he said on Wednesday. "We're seeing continued exploitation of it" in the wild.

As a result of the activity, Symantec raised the threat level for the vulnerability from level 1, the lowest, to level 2, a medium-level threat. The highest is level 4.

In the attempted exploits, a malicious image hosted by at least three different Web sites targets the GDI stack overflow vulnerability, according to Symantec.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Security,

Windows,

Microsoft

Tags:

Windows,

security

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
Microsoft fixes 8 IE holes, including one used in attacks
IE exploit code released on the Internet
McAfee: China attacks a 'watershed moment'
26 Windows, Office holes patched in 13 bulletins
Behind the China attacks on Google (FAQ)
Microsoft to release patch for IE hole on Thursday
Google China insiders may have helped with attack
In their words: Experts weigh in on Mac vs. PC security
Add a Comment (Log in or register)
???
by rmva April 16, 2008 2:53 PM PDT
Didn't I read this same report, word for word, last Friday?
Reply to this comment
ThreatCon dropped
by sysopdr April 17, 2008 11:06 AM PDT
Symantec has dropped the threatcon level back to 1 saying the current attacks are unreliable and not very wide spread.<br />This may just be someone testing and a new attack may be coming or it may just go away.
Reply to this comment
advertisement

Google's social side aims for some Buzz

Facebook and Twitter are the darlings of the social-media world, not Google--which hopes to change that with Buzz, betting it can organize your online social life.

Watching the birth of a gaming start-up

Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement
Click Here

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET