Posted: Thu Feb 10, 2005 8:51 am Post subject: Do your windows updates!!!
on February 8, Microsoft released 12 new Security Bulletins, 8 of them rated critical.
Among the critical patches are MS05-011, which patches a vulnerability in SMB that may have some "worm potential" and MS05-014, which patches a set of vulnerabilities in Internet Explorer including the "Drag and Drop" vulnerability for which exploits are already in the wild. MS05-004, which is already being exploited, and MS05-010 also deserve some attention as these could be used for hacking activities against our servers. Some of the other bulletins deal with vulnerabilities that require limited user interaction, several of these are already being exploited; please see the list below for details.
MS05-004 addresses a vulnerability in ASP.NET allowing an attacker to bypass the security of a website by sending a specially crafted URL. If exploited an attacker may gain unauthorized access to a website. This vulnerability is already being exploited. Microsoft rates this vulnerability as Important.
MS05-005 addresses a remote code executing vulnerability in Office XP, which may be exploited by luring the user into opening a specially crafted HTML link. If exploited an attacker may gain control of the victim's system up to the permissions of the user. Microsoft rates this vulnerability as Critical. Please note that limited user interaction is required to exploit this vulnerability.
MS05-006 addresses a cross-site scripting and spoofing vulnerability in SharePoint Server and SharePoint Team Services. The exploitation of this vulnerability may lead to the execution of malicious scripts on an end-user system. Microsoft rates this vulnerability as Moderate.
MS05-007 addresses a vulnerability in Windows that may allow disclosure of information (e.g. users that have open connections to a shared resource) by sending specially crafted packages to the system. Microsoft rates this vulnerability as Critical.
MS05-008 addresses a vulnerability in the Windows shell that attackers may use to copy arbitrary files to the victims system withouth displaying an appropriate dialog box by luring the user into visiting a malicious web site. By placing the file in a suitable location, the execution of this file may be triggered by the user or a system restart. This vulnerability is already being exploited. Microsoft rates this vulnerability as Important. Please note that limited user interaction is required to exploit this vulnerability.
MS05-009 addresses a vulnerability in the PNG handling of Windows Media Player 9 and various versions of Windows Messenger. An attacker may exploit this vulnerability by luring the user into opening a link to a malicious website and use the vulnerability to execute arbitrary code on the victim's system. Please note that limited user interaction is required to exploit this vulnerability.
Additionally two vulnerabilities exist in the PNG handling of Windows Messenger; however as Sametime is ABB's standard product for instant messenging no support will be granted for Windows Messenger.
MS05-010 addresses a vulnerability in the License Logging Service of Windows NT4, 2000 and 2003 Server products. This vulnerability could be exploited by establishing a connection with the License Logging Service and sending a specially crafted network message allowing the attacker to remotely execute code on the server. On Windows 2000 SP4, SBS 2000 running on Windows 2000 Server SP4 and Windows 2003 only authenticated users can establish connections with the License Logging Service; on Windows NT 4 Server, Windows 2000 SP3 and SBS 2000 on Windows Server 2000 SP3 anonymous users could establish connections to the License Logging Service. Microsoft rates this vulnerability as Critical.
MS05-011 addresses a vulnerability in SMB, which allows anonymous attackers to remotely execute code on a vulnerable system by sending a specially crafted broadcast-packets. First assessments indicate that this vulnerability has some potential to be exploited by a network-based worm; however routers that are set up according to standards are configured not to forward directed broadcasts, which would limit the effects of a possible worm to a single subnet. Please verify that your routers are configured accordingly. Microsoft rates this vulnerability as Critical.
MS05-012 addresses two vulnerabilities in COM and OLE. The vulnerability in COM can be exploited by an attacker logged on to a system and will result in an elevation of privileges. The OLE vulnerability allows an attacker to execute arbitrary code and can be exploited by luring the victim into opening a malicious email-attachment containing a malicious OLE object. It is currently unclear if this scenario also applies to our Notes setup. Microsoft rates this vulnerability as Critical. Please note that limited user interaction and/or access to the system is required for exploiting these vulnerabilities.
MS05-013 addresses a vulnerability in the DHTML Editing Component Active-X Control. This vulnerability can be exploited by luring the user into opening a malicious web-page or opening a malicious HTML e-mail (the latter will most likely not work in our Notes environment). If exploited this vulnerability enables an attacker to execute scripts in the Local Machine security zone in Internet explorer or access information stored in the filesystem of the victim's system. This vulnerability is already being exploited. Microsoft rates this vulnerability as Critical. Please note that limited user interaction is required to exploit this vulnerability.
MS05-014 is a cumulative update for Internet Explorer, which addresses a total of 4 vulnerabilities. Among those vulnerabilities is the "Drag and Drop" vulnerability that allows an attacker to copy arbitrary files onto the victims system withouth displaying an appropriate dialog box by luring the user into visiting a malicious web site. By placing the file in a suitable location, the execution of this file may be triggered by the user or a system restart. This vulnerability is already being exploited. Microsoft rates these vulnerabilities as Critical. Please note that limited user interaction is required to exploit these vulnerabilities.
MS05-015 addresses a vulnerability in the Hyperlink Object Library. An attacker could exploit this vulnerability by creating a specially crafted link and lure the user into clicking this link that may be delivered by a malicious web-site or email-message allowing the attacker to remotely execute code on the system. Microsoft rates this vulnerability as Critical. Please note that limited user interaction is required to exploit this vulnerability. _________________ Asia Expats Forum Expat Friends Dating
and there was me thinking that the major, and much vaunted, SP2 would
keep everything current for a while.
Even so, I can remember computers the early pre-windows computers which were certainly not user-friendly, and what we have today is vastly improved on those days.
Windows, in fact, my first computer didnt even have doors!
and there was me thinking that the major, and much vaunted, SP2 would
keep everything current for a while.
Even so, I can remember computers the early pre-windows computers which were certainly not user-friendly, and what we have today is vastly improved on those days.
Windows, in fact, my first computer didnt even have doors!
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Album
FAQ
Quizzes
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
