Hackers attack two serious

Security firms have warned hackers are exploiting two recent Microsoft vulnerabilities to attack Windows operating systems. The only unaffected operating system version is Windows XP SP3.

In a statement released April 11, Symantec said it was recording signs of exploiting the graphical device interface (GDI) vulnerability that Microsoft fixed on April 8, 2008. Microsoft classified these two vulnerabilities as "serious", which could affect all Windows versions, including Windows Vista SP1 and Server 2008 versions. Hackers can exploit vulnerabilities by activating an image file. WMF images (Windows Metafile) or EMF (Enhanced Metafile) are specially built.

Analysts paid close attention to the two holes and said they were quite similar to a vulnerability that was discovered in late 2005, that hackers exploited them for several months later.

Amol Sarwate, director of Qualys' s security research division, said that hackers will quickly succeed with code exploiting vulnerabilities because only a simple photo viewer on the network or e - mail will make the system. Can be attacked.

The paradox is that while both versions of the latest operating system - Windows Vista SP1 and Server 2008 suffer from the above vulnerabilities, the Windows XP SP3 version is not affected. The release date of Windows XP SP3 has not been announced yet, but it is expected that they will be released later this April.