|  |
BindView RAZOR Team Issues RapidFire Updates for Three New Microsoft Vulnerabilities
BindView Corp. announced that its RAZOR Rapid Response Team has created security checks for newly identified critical Microsoft vulnerabilities outlined in three separate Microsoft Security Bulletins.
BindView customers on current maintenance contracts running Vulnerability Management solutions that include bv-Control for Windows and/or bv-Control for Internet Security can take immediate protective action. BindView's RapidFire Update Service provides customers with immediate access to the updates via automatic distribution, or customers can download the new updates online at http://www.bindview.com/advisories/ADV_MSFT04-121504.cfm.
Who is at Risk
It is recommended that customers refer to the associated Microsoft Security Bulletins for full details. Following are the systems affected by these newly identified vulnerabilities:
MS04-042: This vulnerability allows attackers to compromise IT systems, creating denial of service and remote-code execution. Windows operating systems affected by this vulnerability include Windows Server NT 4.0 Service Pack 6a and Windows NT Server 4.0 Terminal Server Edition Service Pack 6. Windows 98, ME, 2000 XP and 2003 are not vulnerable.
MS04-044: The Local Security Authority Subsystem Service (LSASS) provides an interface for managing local security, domain authentication and Active Directory processes. There is a buffer overflow in the Local Procedure Call (LPC) interface to the LSASS which allows an attacker with local access to escalate their privileges to a higher level within the business-critical IT infrastructure. Microsoft operating systems affected by this new vulnerability include Windows NT, Windows NT Terminal Server Edition, Windows 2000, Windows XP and Windows 2003.
MS04-045: This vulnerability potentially causes service failures or executions of arbitrary code with the Windows Internet Naming Service (WINS), which provides address resolution for NetBIOS systems running in an Internet Protocol (IP) environment. The WINS server is vulnerable to a buffer overflow flaw, which allows for remote-code execution. Organizations at risk include those using Windows NT Server 4.0 Service Pack 6a, Windows NT Terminal Server Edition Service Pack 6, Microsoft Windows 2000 Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4 and Windows Server 2003 64-Bit Edition.
BindView has created vulnerability checks for bv-Control for Windows and bv-Control for Internet Security to assist customers in locating compromised systems. Once these systems are identified, customers should proceed with the outlined precautionary measures as quickly as possible.
Priority should be given to Internet-facing and other critical Web servers, as well as bv-Control for Windows installations. Also important are mobile systems connected to broadband networks -- including notebook computers -- that may be exposed to the Internet without firewall protection. 17.12.2004, BindView Corp.
Subscribe to the newsletter | | |
| | | |
