RE: FYI: Serious flaw has been discovered in a core component of Windows 2000
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 4 Aug 2005 15:28:42 -0300
lol.....
________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, August 04, 2005 3:14 PM
To: ISA Mailing List
Subject: [isalist] RE: FYI: Serious flaw has been discovered in a core
component of Windows 2000
http://www.ISAserver.org
Gee...
"Default installation" == completely unpatched.
How hard is it to exploit that?
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
<http://isaserver.org/Jim_Harrison/>
http://isatools.org <http://isatools.org/>
Read the help / books / articles!
-------------------------------------------------------
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Thursday, August 04, 2005 08:08
To: [ISAserver.org Discussion List]
Subject: [isalist] FYI: Serious flaw has been discovered in a core
component of Windows 2000
http://www.ISAserver.org
The vulnerability in Microsoft's operating system could enable remote
intruders to enter a PC via its Internet Protocol address, Marc
Maiffret, chief hacking officer at eEye Digital Security, said on
Wednesday. As no action on the part of the computer user is required,
the flaw could easily be exploited to create a worm attack, he noted.
What may be particularly problematic with this unpatched security hole
is that a work-around is unlikely, he said.
"You can't turn this (vulnerable) component off," Maiffret said. "It's
always on. You can't disable it. You can't uninstall."
eEye declined to give more details on the flaw or the Windows 2000
<http://techrepublic.com.com/2100-10877_11-5766696.html?tag=nl>
component in question. As part of company policy, it does not release
technical details of the vulnerabilities it finds until the software's
maker has released either a patch or an advisory.
A Microsoft representative said the software giant will issue a comment
once it has had a chance to review the eEye advisory, which has yet to
be posted on the security company's Web site.
The vulnerabilities affect Windows 2000, but Maiffret noted eEye is
still conducting tests, and he anticipates other versions of Microsoft's
OS will likely be affected.
For Microsoft, this marks the second eEye advisory it's received this
week. On Monday, eEye notified the software giant it had found critical
vulnerabilities in Internet Explorer.
The IE vulnerabilities could allow malicious attackers to launch a
remote buffer overflow attack should users click on a malicious Web site
link.
The flaw, which is rated as a "high" risk
<http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.eeye.com%2Fhtml%2Frese
arch%2Fupcoming%2F20050801.html&siteId=11&oId=2100-1009-5817400&ontId=10
09&lop=nl_ex> , affects IE, Windows XP and SP1, Windows 2003 and Windows
2000.
Microsoft confirmed it received the eEye advisory regarding IE through
its standard vulnerability reporting system.
"We are investigating the report and will take appropriate action to
help protect customers as part of our normal security response process,"
a Microsoft representative said. Microsoft issues a monthly bulletin of
patches <http://techrepublic.com.com/2100-1009_11-5778406.html?tag=nl>
and also has a program of security advisories
<http://techrepublic.com.com/2100-1009_11-5697945.html?tag=nl> with
work-arounds for unpatched, reported flaws.
Steve Moffat
President & CEO
<http://www.optimum.bm/>
Optimum I.T. Solutions Ltd <http://www.optimum.bm/>
Tel: (441) 232 8849
Helpdesk: (441) 232 8849
Email : steve@xxxxxxxxxx <mailto:%20steve@xxxxxxxxxx>
http://optimum.bm <http://optimum.bm/>
A nod is as good as wink to a blind horse.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
