The Enterprise Security Supersite
NewsFactor Network Sites:   NewsFactor.com Security CRM Business Sci-Tech Newsletters XML/RSS Feed  
   
Home Network Security Viruses & Malware Spam & Hackers Security Products More Topics...
Computing
Average Rating:
Rate this article:  
Researchers Rate All Six Microsoft Patches as Critical Researchers Rate All Six Microsoft Patches as Critical
By Jennifer LeClaire
July 15, 2009 8:57AM

Bookmark and Share
Microsoft rated three of six Patch Tuesday issues as critical, but security researchers say the other three can quickly escalate. Wolfgang Kandek of Qualys said the ISA, Publisher and virtualization vulnerabilities can give a remote attacker control of a computer. Andrew Storms of nCircle hopes for a more complete ActiveX patch later.
 

Related Topics

Microsoft
Patch Tuesday
ISA
Microsoft Publisher
Virtualization
ActiveX

Latest News

Consumer Watchdog Attacks Google
Spammers Take Over Apple's Ping
U.N.: BlackBerry Data Requests Legit
India Security Crackdown Continues
VMware Reinforces 'IT as a Service'

(Page 2 of 2)

ISA Authentication Bypass Vulnerability

As a researcher, Tyler Reguly, a senior security engineer at nCircle, is most interested in the ISA authentication bypass vulnerability. The severity of bypassing authentication on a Web page is often underestimated, he said. Considering the private corporate Web sites that are available through the Internet, and the amount of personal information contained on them, he deems this vulnerability scary.

"I think they had it right with missile launches -- two people, two keys. We live in an age where multifactor authentication should be mandatory. Fingerprint scanners + RFID cards are common for entry to offices, but a Web site takes a known username -- or worse, an e-mail address -- and a password, and that's just wrong," Reguly said. "Relying on a second method of authentication would make this vulnerability much less severe. Essentially, the second factor would still keep the attacker out even after this vulnerability had been exploited."

< Previous Page  |  1  |  2

 

Tell Us What You Think
Comment:

Name:

Also Visit:
Product Information and Resources for Technology You Can Use To Boost Your Business

CRM Systems

  2 million CRM success stories and counting...

Contact Centers

  Enable a multi-channel customer support experience with Parature

Customer Service

  White Paper How Do You Avoid the 5 Big Mistakes Customer Service Teams Make?

Enterprise Hardware

  HP ProLiant DL380 G7 Servers powered by Intel® Xeon® processor 5600 Series.

Enterprise Software

  See what the Sales Cloud can do for your company...

Hardware

  HP ProLiant DL380 G7 Servers powered by Intel® Xeon® processor 5600 Series.

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Spam & Hackers | Security Products | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | Free Whitepapers | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2010 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.