Microsoft has released yet another critical update. This time, it is geared towards websites running FrontPage Server Extensions (FPSE). Servers using FPSE 2000 could be exploited by attackers to cause Denial-of-Service. In servers using FPSE 2002, the attacker could even take control of the website by running the code of their choice.
The Server Extensions act as a bridge between FrontPage-created websites and the users who view them in a myriad of browsers. The flaw lets an attacker run code on a compromised machine.The security update can be found on Microsoft's TechNet, and Windows Update.
This vulnerability does not affect consumers. It affects only website administrators who have activated the SmartHTML interpreter in FrontPage Extensions.
Article @ TechTV's TechLive.
Further Reading: Read and find more news at our news index page.