Thursday, January 06, 2011

Microsoft Fix it Available for Security Advisory 2490606

Two days ago, Microsoft released Security Advisory 2490606 to address a publicly disclosed vulnerability affecting Microsoft Windows Graphics Rendering Engine, Microsoft was not aware of any public attacks.  That has since changed and Microsoft has started to see targeted attacks.  As explained in the Security Advisory,

"An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."

It is important to note that the vulnerability does not affect Windows 7 or Windows Server 2008 R2.  However, it does affect Windows Vista, Windows Server 2003, and Windows XP.

In addition to the common sense advice to enable a firewall, get software updates (including third-party software) and install antivirus software, Microsoft has created a Fix it solution as a workaround option for some scenarios. To enable the solution until a security update is released, download and run Microsoft Fix it 50590.  After a security update is released, merely reverse the process by downloading and running Microsoft Fix it 50593.

Enable:  Microsoft Fix it 50590
Disable: Microsoft Fix it 50593

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Anonymous said...

Who's better than you, Corrine?

Thanks for helping keep us up-to-date.

-Brian Fiori (AKA The Dean)

Corrine said...

Thanks, Brian.

I don't post "everything" but try to cover what I think is most important for home computer users.