Network Computing is part of the Informa Tech Division of Informa PLC
Fortinet Discovers Critical Vulnerability
SUNNYVALE, Calif. -- Fortinet® the pioneer and leading provider of unified threat management (UTM) solutions today announced that its Fortinet Global Security Research Team was key in discovering one of the latest Microsoft critical vulnerabilities (CVE-2007-2222), called the Speech Control Memory Corruption Vulnerability, which impacts users of Microsoft Speech.
The two remote buffer overflow vulnerabilities exist in the xvoice.dll ActiveX component of Microsoft Speech version 4.0a, which can allow an attacker to execute arbitrary code on the affected system by exploiting either vulnerability. This, in turn, allows an attacker to take full control of a victims system.
Anything that allows the execution of arbitrary code from a remote source leaves a user open to cyber attackers exploiting and capitalizing on the vulnerability, said Steve Fossen, manager of threat research at Fortinet. Users should always install all updates for the software theyre using and protect their connected computers with threat mitigation solutions; otherwise theyre donating their resources to the hackers and spammers of the world.