Fresh security threat to Windows

13 Dec 2002

Microsoft is warning customers of a new security threat to its Windows system.

The software giant is requesting customers to be on the alert for a series of vulnerabilities in the system, which could allow malicious programmes written in Java to take over a computer.

Users could be affected by any of the eight vulnerabilities by visiting a web page that contains malicious Java code on it. They could do this by either browsing the web page or by receiving an email with HTML (hyper-text markup language) code in it that redirects them to it, according to John Montgomery a director in Microsoft’s developer platform.

He added that the vulnerabilities are in Microsoft’s Virtual Machine for Java, which is in all versions of Windows since Windows 98.

It’s understood the vulnerabilities range from one that is rated “critical” to others that are “important,” moderate” and “low”. Among the effects the malicious code could have are the reformatting of the hard drive to cause Internet Explorer to fail.

“Microsoft Outlook E-mail Security Update protects users against emails with malicious code,” said Montgomery.

Microsoft is also due to release a new version of its Java Virtual Machine and is encouraging people to install it if their systems have not already done so under the Windows automatic update service.

Montgomery commented that he knew of no-one to date who had been affected.

The company has made the improvement of software security a high priority after a series of high-profile viruses infected thousands of Windows based machines last year.

By Suzanne Byrne