Uberdownloads Blog
Microsoft warns of Windows flaw affecting image rendering

width="120" height="100"/>
(Credit:
Microsoft)

Microsoft warned today of a Windows vulnerability that could allow an attacker to take control of a computer if the user is logged on with administrative rights.

To be successful, an attacker would have to send an e-mail with an attached Microsoft Word or PowerPoint file containing a specially crafted thumbnail image and convince the recipient to open it, Microsoft said in its advisory, which also contains information on workarounds.

An attacker also could place the malicious image file on a network share and potential victims would have to browse to the location in Windows Explorer.

The flaw, which is in the Windows Graphics Rendering Engine, could allow an attacker to run arbitrary code in the security context of the logged-on user, meaning that accounts that are configured to have fewer user rights would be affected less.

The vulnerability affects Windows XP Service Pack 3, XP Professional x64 Edition Service Pack 2, Server 2003 Service Pack 2, Server 2003 x64 Edition Service Pack 2, Server 2003 with SP2 for Itanium-based systems, Vista Service Pack 1 and Service Pack 2, Vista x64 Edition Service Pack 1 and Service Pack 2, Server 2008 for 32-bit, 64-bit, and Itanium-based systems and Service Pack 2 for each.

Microsoft said it is not aware of attacks exploiting the vulnerability or of any impact on customers at this time. The company is working on a fix but did not indicate when it would be available.

Originally posted at InSecurity Complex

LG Voice-to-Text app does for Windows Phone 7 what Microsoft didn’t
LG's Optimus 7 for AT&T. width="270" height="357"/>

LG’s Optimus 7 for AT&T.

(Credit:
LG Optimus 7)

We all agree there’s a lot to like about Windows Phone 7, Microsoft’s newest mobile operating system. However, there are some tools Microsoft could have inserted into its still-nascent mobile platform. A universal voice-to-text service is one of them–as we’ve noted before, Microsoft has a robust technology with TellMe.

Microsoft-powered voice commands are still a future feature we may see, even as soon as CES. In the meantime, manufacturers and carriers will need to fill in the gaps. LG did this for the LG Optimus Windows Phones in its LG Voice-to-Text application. Voice commands will let you dictate e-mails, text messages, and Twitter and Facebook status updates, for a start. The app, which is available for free in the Windows Market, is a rebranding of Nuance Communication’s Dragon Dictation software. Nuance is ever-present in the voice commands market and is often found in various guises on feature phones and smartphones.

LG Voice-to-Text is available for the AT&T LG Optimus 7 in English and Spanish, and for the European-bound LG Optimus 7Q in English, French, Italian, German, and Spanish.