Microsoft Issues Warning About Bug Found By Google EngineerBy Channel Insider Staff | Posted 2010-06-11 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Microsoft issued a security advisory June 10 after a Google engineer published attack code targeting a Windows zero-day vulnerability on the Full Disclosure message list.Microsoft issues a security advisory in response to the publication by a Google employee of attack code for a zero-day vulnerability affecting Windows XP and Windows Server 2003.
The vulnerability, uncovered by Google engineer Tavis Ormandy, affects "the Windows Help and Support Center function that is delivered with Windows XP and Windows Server 2003," Microsoft said. Other editions of the operating system are not impacted by the bug. So far, Microsoft has not seen any evidence the vulnerability is being targeted in the wild. However, attacks may be forthcoming since Ormandy's code is public.