Microsoft, during their latest Patch Tuesday, has plugged 34 security holes while updating 14 security bulletins.
Four of the most critical bulletins were rated “highest priority” for enterprises.
14 bulletins is the highest amount of security bulletins ever released by the software giant during a Patch Tuesday, and a full eight were rated critical.
The four aforementioned “highest priority” bulletins are (via EW): MS10-052, which resolves a vulnerability in Microsoft’s MPEG Layer-3 audio codecs; MS10-055, which addresses a vulnerability in the Cinepak Codec used by Windows Media Player to support the AVI audiovisual format; MS10-056, which deals with four vulnerabilities in Microsoft Office; and MS10-060, which resolves two vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight.
Joshua Talbot, a security intelligence manager of Symantec Security Response pinpointed one of the none critical bulletins as being potentially very dangerous as well. That bulletin is MS10-054: “The SMB [protocol] pool overflow vulnerability [covered in MS10-054] should be a real concern for enterprises. Not only does it give an attacker system-level access to a compromised SMB server, but the vulnerability occurs before authentication is required from computers contacting the server. This means any system allowing remote access and not protected by a firewall is at risk.
“Best practices dictate that file or print sharing services, such as SMB servers, should not be open to the Internet. But such services are often unprotected from neighboring systems on local networks. So, a cyber-criminal could use a multistaged attack to exploit this vulnerability … [and] this issue affects more than just file servers using the SMB service. Workstations that have enabled file and print sharing are also at risk.”
[More]>>
Result for: windows media
Arstechnica is reporting today that RealVideo continues its death spiral, this time with C-SPAN getting rid of the streaming video format in favor of Flash and Windows Media.
Says the C-SPAN site: “Due to lack of demand for the RealVideo format, we will be retiring our links to C-SPAN live video streams in the RealVideo format effective March 1, 2010.”
The Ars reporter says the codec lives on in a few Government committees, such as the Senate’s Committee on Environment and Public Works but the FCC finally upgraded last year to Flash, after previously broadcasting all their meetings on a server that could handle only up to 200 users and produced 240×240 resolution video.
Result for: windows media
Speaking with Ars Technica in an extensive internet, Google’s Matthew Papakipos, the engineering director for the Chrome OS project, revealed that the operating system and the Chrome browser would include a media player. He said it would be the “equivalent of Windows Media Player.” The player will support HTML5 audio and video, as well as Flash, and will be integrated with services on the web.
For example, a GMail user can view an attached video file directly in the Chrome browser because the media player framework is built-in. Google’s Chrome operating system allows users to perform every day tasks such as checking e-mail, using social networking or just browsing the web. It is meant to provide long battery life for netbook users in particular.
The inclusion of a Chrome Media Player is then a necessity for users to be able to perform simple multimedia tasks offline. The operating system is still a work in progress by far, as Papakipos reveals that the team is still experimenting with many issues, such as ways to make use of dead space on widescreen monitors (the areas to the right and left of a web page that are blank, and may be quite large amounts of space depending on screen size).
