Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011
From: S. Pidgorny
Date: 04/23/04
- Next message: Dan: "I cant access Denied"
- Previous message: Abhishek: "Passing Access Tokens across processes"
- In reply to: Jerry Bryant [MSFT]: "Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011"
- Next in thread: Jonathan Maltz [MS-MVP]: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Apr 2004 18:30:59 +1000
I'd like to add something about compensating controls: attack signatures are
available for all major NIDS including Snort; Nessus and other vulnerability
scanners can now detect vulnerable systems. Patch now, and use other tools
to detect and verify.
I will not be surprised if a new internet worm will be out tonight.
-- Svyatoslav Pidgorny, MVP, MCSE -= F1 is the key =- "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message news:#3aEkhPKEHA.3944@tk2msftngp13.phx.gbl... > Note: www.microsoft.com/technet/security and www.microsoft.com/security are > authoritative in all matters concerning Microsoft Security Bulletins! ANY > e-mail, web board or newsgroup posting (including this one) should be > verified by visiting these sites for official information. Microsoft never > sends security or other updates as attachments. These updates must be > downloaded from the microsoft.com download center or Windows Update. See the > individual bulletins for details. > > Because some malicious messages attempt to masquerade as official Microsoft > security notices, it is recommended that you physically type the URLs into > your web browser and not click on the hyperlinks provided. > > What is this alert? > > - Microsoft is aware of code available on the Internet that seeks to exploit > vulnerabilities addressed as part of our April 13th security updates. We are > investigating the situation to help protect our customers. Specifically, > the reports detail exploit code that attempts to use the IIS PCT/SSL > vulnerability on servers running Internet Information Services with the > Secure Socket Layer authentication enabled. This vulnerability is addressed > by bulletin MS04-011. Customers who have deployed MS04-011 are not at risk > from this exploit code. > > - Microsoft considers these reports credible and serious and continues to > urge all customers to immediately install the MS4-011 update as well as the > other critical updates provided on April 13th. > > - Customers who are still evaluating and testing MS04-011 should immediately > implement the workaround steps detailed for the PCT/SSL vulnerability > detailed in the MS04-011. In addition, Microsoft has published a knowledge > base article KB187498 at > http://support.microsoft.com/default.aspx?scid=kb;en-us;187498 which > provides additional details on SSL and how to disable PCT without applying > MS04-011. > > - We expect to see additional exploits and proof-of-concept code targeting > the April 2004 security bulletin release in coming days and weeks, > potentially including worm or virus examples. > > If you have any questions regarding the security updates or its > implementation after reading the above listed bulletin you should contact > Product Support Services in the United States at 1-866-PCSafety > (1-866-727-2338). International customers should contact their local > subsidiary. > > Thank you, > Microsoft PSS Security Team > > -- > Regards, > > Jerry Bryant - MCSE, MCDBA > Microsoft IT Communities > > Get Secure! www.microsoft.com/security > > > This posting is provided "AS IS" with no warranties, and confers no rights. > >
- Next message: Dan: "I cant access Denied"
- Previous message: Abhishek: "Passing Access Tokens across processes"
- In reply to: Jerry Bryant [MSFT]: "Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011"
- Next in thread: Jonathan Maltz [MS-MVP]: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
