Surprise. Three new vulnerabilities have been discovered in Microsoft's Windows operating system, leaving computers using that OS open to possible hacker attacks - extends to PCs running the recently released XP SP2 (Service Pack 2). Antivirus company Symantec Corp. confirmed that unpatched Windows vulnerabilities could pose a serious risk for exploits via malicious Web pages and e-mail messages after security researchers published the details of the heap overflow vulnerabilities in messages posted to online security news groups. The flaws affect most supported versions of Windows, Microsoft has not issued a patch for the newly disclosed holes.

One of the three security vulnerabilities involves image handling. The other two risks are found in the Help system and in Window's ANI authentication.

Symantec suggested you make sure virus definitions include the Bloodhound.Exploit.19 signature and that you should block e-mail attachments with an .hlp extension, avoid untrusted sites or e-mail messages from unknown sources, and read messages in plaintext format.

- MORE