Fortinet Discovers Critical Vulnerability
Fortinet discovers critical vulnerability affecting Microsoft Speech Engines
June 12, 2007
SUNNYVALE, Calif. -- Fortinet® – the pioneer and leading provider of unified threat management (UTM) solutions – today announced that its Fortinet Global Security Research Team was key in discovering one of the latest Microsoft™ critical vulnerabilities (CVE-2007-2222), called the “Speech Control Memory Corruption Vulnerability,” which impacts users of Microsoft Speech™.
The two remote buffer overflow vulnerabilities exist in the “xvoice.dll” ActiveX component of Microsoft Speech version 4.0a, which can allow an attacker to execute arbitrary code on the affected system by exploiting either vulnerability. This, in turn, allows an attacker to take full control of a victim’s system.
“Anything that allows the execution of arbitrary code from a remote source leaves a user open to cyber attackers exploiting and capitalizing on the vulnerability,” said Steve Fossen, manager of threat research at Fortinet. “Users should always install all updates for the software they’re using and protect their connected computers with threat mitigation solutions; otherwise they’re donating their resources to the hackers and spammers of the world.”
You May Also Like
Maximizing cloud potential: Building and operating an effective Cloud Center of Excellence (CCoE)
September 10, 2024Radical Automation of ITSM
September 19, 2024Unleash the power of the browser to secure any device in minutes
September 24, 2024