S
Steve
Why is my Spyware not working. I have been using it for a
long time and it finds nothing and yet today I run
TrendMicro free online spyware and it finds 15 issues
(below).
What is the problem? I thought about buying the real
version but not sure now.
Steve
Results:
We have detected 15 vulnerability/vulnerabilities on your
computer.
Risk Level Issue How to Fix
Critical This security update addresses and resolves a
vulnerability in Internet Explorer that could allow remote
code execution. A Web page can be crafted to exploit this
vulnerability such that an arbitrary application can be
executed on visiting systems with the same priviledge as
the currently logged on user. MS04-040
Important This security advisory explains the two
discovered vulnerabilities in Microsoft Word for Windows
6.0 Converter, which is used by WordPad in converting Word
6.0 to WordPad file format. Once exploited, this remote
code execution vulnerability could allow a malicious user
or a malware to take complete control of the affected
system if the affected user is currently logged on with
administrative privileges. MS04-041
Critical A remote code execution vulnerability exists in
HyperTerminal because of a buffer overrun. If a user is
logged on with administrator privileges, an attacker could
exploit the vulnerability by constructing a malicious
HyperTerminal session file that could potentially allow
remote code execution and then persuade a user to open
this file. This malicious file may enable the attacker to
gain complete control of the affected system. This
vulnerability could also be exploited through a malicious
Telnet URL if HyperTerminal had been set as the default
Telnet client. MS04-043
Important This security update addresses and resolves two
windows vulnerabilites, both of which may enable the
current user to take control of the affected system. Both
of these vulnerabilites require that the curernt user be
able to log on locally and execute programs. They cannot
be exploited remotely, or by anonymous users. A privilege
elevation vulnerability exists in the way that the Windows
Kernel launches applications. This vulnerability could
allow the current user to take complete control of the
system. A privilege elevation vulnerability exists in the
way that the LSASS validates identity tokens. This
vulnerability could allow the current user to take
complete control of the affected system. MS04-044
Critical This update resolves a newly-discovered, publicly
reported vulnerability. A vulnerability exists in the HTML
Help ActiveX control in Windows that could allow
information disclosure or remote code execution on an
affected system. MS05-001
Critical This update resolves several newly-discovered,
privately reported and public vulnerabilities. An attacker
who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected
system, install programs, view, change, or delete data, or
create new accounts that have full privileges. MS05-002
Important This update resolves a newly-discovered,
privately reported vulnerability. An attacker who
successfully exploited this vulnerability could take
complete control of an affected system. An attacker could
then install programs, view, change, or delete data, or
create new accounts with full privileges. While remote
code execution is possible, an attack would most likely
result in a denial of service condition. MS05-003
Important A vulnerability in ASP.NET allows an attacker to
bypass the security of an ASP.NET Web site, and access a
machine. The attacker gains unauthorized access to some
areas of the said Web site, and is able to control it
accordingly. The actions that the attacker could take
would depend on the specific content being protected.
MS05-004
Important This remote code execution vulnerability exists
in the way Windows handles drag-and-drop events. An
attacker could exploit the vulnerability by constructing a
malicious Web page that could potentially allow an
attacker to save a file on the users system if a user
visited a malicious Web site or viewed a malicious e-mail
message. MS05-008
Critical This remote code execution vulnerability exists
in the processing of PNG image formats. An attacker who
successfully exploits this vulnerability could take
complete control of an affected system. MS05-009
Critical This remote code execution vulnerability exists
in Server Message Block (SMB). It allows an attacker who
successfully exploits this vulnerability to take complete
control of the affected system. MS05-011
Critical This privilege elevation vulnerability exists in
the way that the affected operating systems and programs
access memory when they process COM structured storage
files. This vulnerability could grant a currently logged-
on user to take complete control of the system.;This
remote code execution vulnerability exists in OLE because
of the way that it handles input validation. An attacker
could exploit the vulnerability by constructing a
malicious document that could potentially allow remote
code execution. MS05-012
Critical This vulnerability exists in the DHTML Editing
Component ActiveX Control. This vulnerability could allow
information disclosure or remote code execution on an
affected system. MS05-013
Critical This update resolves known vulnerabilities
affecting Internet Explorer. An attacker who successfully
exploits these vulnerabilities could take complete control
of an affected system. An attacker could then install
programs; view, change, or delete data; or create new
accounts with full user rights. MS05-014
Critical A remote code execution vulnerability exists in
the Hyperlink Object Library. This problem exists because
of an unchecked buffer while handling hyperlinks. An
attacker could exploit the vulnerability by constructing a
malicious hyperlink which could potentially lead to remote
code execution if a user clicks a malicious link within a
Web site or e-mail message. MS05-015
long time and it finds nothing and yet today I run
TrendMicro free online spyware and it finds 15 issues
(below).
What is the problem? I thought about buying the real
version but not sure now.
Steve
Results:
We have detected 15 vulnerability/vulnerabilities on your
computer.
Risk Level Issue How to Fix
Critical This security update addresses and resolves a
vulnerability in Internet Explorer that could allow remote
code execution. A Web page can be crafted to exploit this
vulnerability such that an arbitrary application can be
executed on visiting systems with the same priviledge as
the currently logged on user. MS04-040
Important This security advisory explains the two
discovered vulnerabilities in Microsoft Word for Windows
6.0 Converter, which is used by WordPad in converting Word
6.0 to WordPad file format. Once exploited, this remote
code execution vulnerability could allow a malicious user
or a malware to take complete control of the affected
system if the affected user is currently logged on with
administrative privileges. MS04-041
Critical A remote code execution vulnerability exists in
HyperTerminal because of a buffer overrun. If a user is
logged on with administrator privileges, an attacker could
exploit the vulnerability by constructing a malicious
HyperTerminal session file that could potentially allow
remote code execution and then persuade a user to open
this file. This malicious file may enable the attacker to
gain complete control of the affected system. This
vulnerability could also be exploited through a malicious
Telnet URL if HyperTerminal had been set as the default
Telnet client. MS04-043
Important This security update addresses and resolves two
windows vulnerabilites, both of which may enable the
current user to take control of the affected system. Both
of these vulnerabilites require that the curernt user be
able to log on locally and execute programs. They cannot
be exploited remotely, or by anonymous users. A privilege
elevation vulnerability exists in the way that the Windows
Kernel launches applications. This vulnerability could
allow the current user to take complete control of the
system. A privilege elevation vulnerability exists in the
way that the LSASS validates identity tokens. This
vulnerability could allow the current user to take
complete control of the affected system. MS04-044
Critical This update resolves a newly-discovered, publicly
reported vulnerability. A vulnerability exists in the HTML
Help ActiveX control in Windows that could allow
information disclosure or remote code execution on an
affected system. MS05-001
Critical This update resolves several newly-discovered,
privately reported and public vulnerabilities. An attacker
who successfully exploited the most severe of these
vulnerabilities could take complete control of an affected
system, install programs, view, change, or delete data, or
create new accounts that have full privileges. MS05-002
Important This update resolves a newly-discovered,
privately reported vulnerability. An attacker who
successfully exploited this vulnerability could take
complete control of an affected system. An attacker could
then install programs, view, change, or delete data, or
create new accounts with full privileges. While remote
code execution is possible, an attack would most likely
result in a denial of service condition. MS05-003
Important A vulnerability in ASP.NET allows an attacker to
bypass the security of an ASP.NET Web site, and access a
machine. The attacker gains unauthorized access to some
areas of the said Web site, and is able to control it
accordingly. The actions that the attacker could take
would depend on the specific content being protected.
MS05-004
Important This remote code execution vulnerability exists
in the way Windows handles drag-and-drop events. An
attacker could exploit the vulnerability by constructing a
malicious Web page that could potentially allow an
attacker to save a file on the users system if a user
visited a malicious Web site or viewed a malicious e-mail
message. MS05-008
Critical This remote code execution vulnerability exists
in the processing of PNG image formats. An attacker who
successfully exploits this vulnerability could take
complete control of an affected system. MS05-009
Critical This remote code execution vulnerability exists
in Server Message Block (SMB). It allows an attacker who
successfully exploits this vulnerability to take complete
control of the affected system. MS05-011
Critical This privilege elevation vulnerability exists in
the way that the affected operating systems and programs
access memory when they process COM structured storage
files. This vulnerability could grant a currently logged-
on user to take complete control of the system.;This
remote code execution vulnerability exists in OLE because
of the way that it handles input validation. An attacker
could exploit the vulnerability by constructing a
malicious document that could potentially allow remote
code execution. MS05-012
Critical This vulnerability exists in the DHTML Editing
Component ActiveX Control. This vulnerability could allow
information disclosure or remote code execution on an
affected system. MS05-013
Critical This update resolves known vulnerabilities
affecting Internet Explorer. An attacker who successfully
exploits these vulnerabilities could take complete control
of an affected system. An attacker could then install
programs; view, change, or delete data; or create new
accounts with full user rights. MS05-014
Critical A remote code execution vulnerability exists in
the Hyperlink Object Library. This problem exists because
of an unchecked buffer while handling hyperlinks. An
attacker could exploit the vulnerability by constructing a
malicious hyperlink which could potentially lead to remote
code execution if a user clicks a malicious link within a
Web site or e-mail message. MS05-015