CERT announces MS vulnerabilities

The geek forum. PHP, Perl, HTML, hardware questions etc.. it's all in here. Got a techie question? We'll sort you out. Ask your questions or post a link to your own site here!

CERT announces MS vulnerabilities

Postby Mithrandir » Wed Apr 14, 2004 7:57 am

Hi guys!
Looks like CERT has been advised of a new round of security updates for most windows OSs. Under the "better-safe-than-sorry" line of thinking, I'm including the message here...

Multiple Vulnerabilities in Microsoft Products

Original release date: April 13, 2004
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows Operating Systems

* Microsoft Windows Remote Procedure Call (RPC) and Distributed
Component Object Model (DCOM) subsystems

* Microsoft Windows MHTML Protocol Handler

* Microsoft Jet Database Engine

Overview

Microsoft Corporation has released a series of security bulletins
affecting most users of the Microsoft Windows operating system. Users
of systems running Microsoft Windows are strongly encouraged to visit
the "Windows Security Updates for April 2004" site at

<https://www.microsoft.com/security/security_bulletins/200404_windows.
asp>

and take actions appropriate to their system configurations.

I. Description

Microsoft has released four security bulletins listing a number of
vulnerabilities which affect a variety of Microsoft Windows software
packages. The following section summarizes the issues identified in
their bulletins.

Summary of Microsoft Bulletins for April 2004

Security Bulletin MS04-011: Security Update for Microsoft Windows (835732)

This bulletin addresses 14 vulnerabilities affecting the systems
listed below. There are several new vulnerabilities address by this
bulletin, and several updates to previously reported vulnerabilities.

Impact

Remote attackers could execute arbitrary code on vulnerable systems.

Systems affected

* Windows NT Workstation 4.0
* Windows NT Server 4.0
* Windows NT Server 4.0, Terminal Server Edition
* Windows 2000
* Windows XP
* Windows Server 2003

Vulnerability identifiers

The following table outlines these issues and is based on Microsoft's
Security Bulletin:

Vulnerability Title |US-CERT ID |CVE ID | Impact of Vulnerability
--------------------+-----------+-------------+------------------------
LSASS Vulnerability |VU#753212 |CAN-2003-0533| Remote Code Execution
LDAP Vulnerability |VU#639428 |CAN-2003-0663| Denial of Service
PCT Vulnerability |VU#586540 |CAN-2003-0719| Remote Code Execution
Winlogon Vulnerabili|VU#471260 |CAN-2003-0806| Remote Code Execution
Metafile Vulnerabili|VU#547028 |CAN-2003-0906| Remote Code Execution
Help and Support Cen|VU#260588 |CAN-2003-0907| Remote Code Execution
Utility Manager Vuln|VU#526084 |CAN-2003-0908| Privilege Elevation
Windows Management V|VU#206468 |CAN-2003-0909| Privilege Elevation
Local Descriptor Tab|VU#122076 |CAN-2003-0910| Privilege Elevation
H.323 Vulnerability |VU#353956 |CAN-2004-0117| Remote Code Execution
Virtual DOS Machine |VU#783748 |CAN-2004-0118| Privilege Elevation
Negotiate SSP Vulner|VU#638548 |CAN-2004-0119| Remote Code Execution
SSL Vulnerability |VU#150236 |CAN-2004-0120| Denial of Service
ASN.1 "Double Free" |VU#255924 |CAN-2004-0123 Remote Code Execution


Security Bulletin MS04-012: Cumulative Update for Microsoft RPC/DCOM
(828741)

This bulletin addresses several new vulnerabilities affecting the
systems listed below. These vulnerabilities are in Microsoft Windows
Remote Procedure Call (RPC) and Distributed Component Object Model
(DCOM).

Impact

Remote attackers could execute arbitrary code on vulnerable systems.

Systems affected

* Windows NT Workstation 4.0
* Windows NT Server 4.0
* Windows NT Server 4.0, Terminal Server Edition
* Windows 2000
* Windows XP
* Windows Server 2003

Vulnerability identifiers

The following table outlines these issues and is based on Microsoft's
Security Bulletin:

Vulnerability Title |US-CERT ID |CVE ID | Impact of Vulnerability
--------------------+-----------+-------------+------------------------
RPC Runtime Library |VU#547820 |CAN-2003-0813| Remote Code Execution
RPCSS Service Vulner|VU#417052 |CAN-2004-0116| Denial of Service
RPC over HTTP Vulner|VU#698564 |CAN-2003-0807| Denial of Service
Object Identity Vuln|VU#212892 |CAN-2004-0124| Information Disclosure


Security Bulletin MS04-013:Cumulative Security Update for Outlook Express
(837009)

This bulletin addresses a vulnerability affecting the systems listed
below. The vulnerability affects the Microsoft Windows MHTML Protocol
handler and any applications that use it, including Microsoft Outlook
and Internet Explorer. This vulnerability has been assigned VU#323070
and CAN-2004-0380.

Note: MS04-013 includes patches remediating the vulnerability
described in TA04-099A.

Impact

Remote attackers could execute arbitrary code on vulnerable systems.

Systems affected

* Windows NT Workstation 4.0
* Windows NT Server 4.0
* Windows NT Server 4.0, Terminal Server Edition
* Windows 2000
* Windows XP
* Windows Server 2003
* Windows 98
* Windows 98 Second Edition (SE)
* Windows Millennium Edition (Windows Me)

Note: This issue affects systems with Outlook Express installed.
Outlook Express is installed by default on most (if not all) current
versions of Microsoft Windows.


Security Bulletin MS04-014: Vulnerability in the Microsoft Jet Database
Engine Could Allow Code Execution (837001)

This bulletin addresses a vulnerability affecting the systems listed
below. There is a buffer overflow vulnerability in Microsoft's Jet
Database Engine (Jet). An attacker could take control of a vulnerable
system, including installing programs; viewing, changing, or deleting
data; or creating new accounts that have full privileges. This
vulnerability has been assigned VU#740716 and CAN-2004-0197.

Impact

Remote attackers could execute arbitrary code on vulnerable systems.

Systems affected

* Windows NT Workstation 4.0
* Windows NT Server 4.0
* Windows NT Server 4.0, Terminal Server Edition
* Windows 2000
* Windows XP
* Windows Server 2003


Update to TA04-099A

Microsoft has released a patch that addresses the cross-domain
vulnerability discussed in TA04-099A: "Vulnerability in Internet
Explorer ITS Protocol Handler". US-CERT is tracking this issue as
VU#323070. This reference number corresponds to CVE candidate
CAN-2004-0380.

The patches and further information about the vulnerability are
available in Microsoft Security Bulletin MS04-013. MS04-013 is titled
"Cumulative Security Update for Outlook Express". Since most (if not
all) current Windows systems have Outlook Express installed by
default, and the MHTML protocol handler is part of the Outlook Express
software package, most (if not all) Windows systems should be
considered vulnerable.

TA04-099A and VU#323070 focused on the ITS protocol handlers; however,
the latent vulnerability appears to be in the MHTML handler shipped as
part of Outlook Express. These documents have been updated.

II. Impact

Several of the issues identified by Microsoft have been described as
"Critical" in nature.Each bulletin contains at least one vulnerability
which may allow remote attackers to execute arbitrary code on affected
systems. The privileges gained would depend on the security context of
the software and vulnerability exploited.

III. Solution

Apply an appropriate set of updates from Microsoft

Please see the following site for more information about appropriate
remediation.

Windows Security Updates for April 2004 -

<http://www.microsoft.com/security/security_bulletins/200404_windows
.asp>
User avatar
Mithrandir
 
Posts: 11071
Joined: Fri Jun 27, 2003 12:00 pm
Location: You will be baked. And then there will be cake.

Postby Fsiphskilm » Wed Apr 14, 2004 5:37 pm

*sigh* yea thi
Last edited by Fsiphskilm on Sat Jan 14, 2017 10:56 pm, edited 1 time in total.
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA

Postby Straylight » Wed Apr 14, 2004 6:13 pm

All I can say is -- the Windows Update icon in my system tray sure is busy these days. I find it amusing that prior to XPs launch it was dubbed as their "most secure OS yet"
[align=center]
Image
Banner above created using my avatar generator tool.
You know you want try it.
User avatar
Straylight
 
Posts: 2346
Joined: Mon May 26, 2003 12:00 pm
Location: Manchester, UK


Return to Computing and Links

Who is online

Users browsing this forum: No registered users and 194 guests