[One of the two critical vulnerabilities in the bulletin is within the Microsoft Distributed Transaction Coordinator (MSDTC), code that's used to coordinate any sort of transaction on multiple servers, such as database queries.] It's a service used primarily in enterprises, ... You don't see it much on smaller-scale servers or desktops. |
A little bit of success is like blood in the water for sharks. |
But we may see some targeted attacks, ... The most credible would be to have these [image] files embedded within an e-mail. |
I think it's doubtful that we'll see this widely exploited. |
It requires user interaction of some sort, which takes it down a notch from MS05-051, but it is still a serious vulnerability. |
It's a service used primarily in enterprises. You don't see it much on smaller-scale servers or desktops. |
Patch Tuesday. Because it is quiet, it does give people an opportunity to catch up and make sure they are protected. |
Security software is usually the first inline that looks at incoming data. |
The scope of the affected platform is exactly the same, and these services are run by default on Windows 2000. In terms of ease of exploitation, they're not incredibly difficult to exploit, but they're not as easy as the Plug and Play vulnerability. |
There are wide open connections everywhere. |
This could have a similar impact [to MS05-039], ... It remains to be seen whether it can be exploited as easily as that earlier vulnerability. |
This could have a similar impact [to MS05-039]. It remains to be seen whether it can be exploited as easily as that earlier vulnerability. |
We will continue to see this type of vulnerabilities in every major application for the foreseeable future. It is not just images, but any type of complex file format. This is something that security researchers and hackers have realized to be a weak point in many applications. |