Re: SEcurity patch message
From: YoKenny (YKnot_at_home.invalid)
Date: 10/28/03
- Next message: Michael: "Using administrator accounts for local logons"
- Previous message: Denis Roy: "Re: local security policy in a 2003 Domain"
- In reply to: Bill G.: "SEcurity patch message"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Oct 2003 15:38:49 -0500
Bill G. wrote:
> This is what came to me by means of a pop-up. Is this
> the bs I think it is?
Yes!
> This page is from
> www.connectsecurely.com.
> Thanks for the heads-up.
It is like an organized crime protection racket scam. Install the latest
updates from Microsoft. Get a firewall.
http://www.microsoft.com/security/protect/default.asp
> Microsoft Home | MSN Home | Subscribe | Manage
> Your Profile
> Microsoft Security Bulletin MS03-043
>
> Buffer Overrun in Messenger Service Could Allow Code
> Execution (828035)
> Issued: October 22, 2003
> Version Number: 1.1
>
> Summary
> Who Should Read This Document: Customers using Microsoft®
> Windows®
>
> Impact of Vulnerability: Remote Code Execution
>
> Maximum Severity Rating: Critical
>
> Recommendation: Customers should install the patch
> immediately
>
> Caveats: None
>
> Tested Software and Patch Download Locations:
>
> Affected Software:
>
> Microsoft Windows NT Workstation - Download the patch
> Microsoft Windows NT - Download the patch
> Microsoft Windows 2000 - Download the patch
> Microsoft Windows XP - Download the patch
> Microsoft Windows Win98 - Download the patch
> Microsoft Windows Server 2003 - Download the patch
> Non Affected Software:
>
> Microsoft Windows Millennium Edition
> The software listed above has been tested to determine if
> the versions are affected. Other versions are no longer
> supported, and may or may not be affected.
>
> Technical Description:
>
> A security vulnerability exists in the Messenger Service
> that could allow arbitrary code execution on an affected
> system. The vulnerability results because the Messenger
> Service does not properly validate the length of a
> message before passing it to the allocated buffer.
>
> An attacker who successfully exploited this vulnerability
> could be able to run code with Local System privileges on
> an affected system, or could cause the Messenger Service
> to fail. The attacker could then take any action on the
> system, including installing programs, viewing, changing
> or deleting data, or creating new accounts with full
> privileges.
>
> Mitigating factors:
>
> Messages are delivered to the Messenger service via
> NetBIOS or RPC. If users have blocked the NetBIOS ports
> (ports 137-139) - and UDP broadcast packets using a
> firewall, others will not be able to send messages to
> them on those ports. Most firewalls, including Internet
> Connection Firewall in Windows XP, block NetBIOS by
> default.
> Disabling the Messenger Service will prevent the
> possibility of attack.
> On Windows Server 2003 systems, the Messenger Service is
> disabled by default.
> Severity Rating:
>
> Windows NT Critical
> Windows Server NT 4.0 Terminal Server Edition Critical
> Windows 2000 Critical
> Windows XP Critical
> Windows Server 2003 Moderate
>
> The above assessment is based on the types of systems
> affected by the vulnerability, their typical deployment
> patterns, and the effect that exploiting the
> vulnerability would have on them.