Security Alerts




Windows File Handling Remote Code Execution Flaw

Severity:?Medium Summary: These vulnerabilities affect: All current versions of Windows How an attacker exploits them: ?By tricking your users into running a .bat or .cmd file from a network location Impact: In the worst case, an attacker can gain complete control of your Windows computer What to do: Install the appropriate Microsoft patches as soon as possible, or let Windows Automatic Update do it for you Exposure: As part of Patch Day,?Microsoft released a Windows security bulletin describing a code execution vulnerability involving the way it handles .bat and .cmd files, otherwise known as Windows batch files. Windows batch files allow you to write multiple, scripted commands which will run together (as a batch) when you run the file. Window’s suffers from a vulnerability in they way they process these files, which attackers could exploit to execute arbitrary code.

Source:
Windows File Handling Remote Code Execution Flaw
April 10, 2014 — Category: Security Alerts