PCTechTalk (http://www.pctechtalk.com/forums/)

02-10-2004, 08:01 PM   #1 (permalink)
janett999
Microsoft Warns of Widespread Windows Flaw

Microsoft has a message for Windows users: Patch your computers quickly.

On Tuesday, the software giant released a fix for a networking flaw that affects every computer running Windows NT, Windows 2000, Windows XP or Windows Server 2003. If left unpatched, the security hole could allow a worm to spread quickly throughout the Internet, causing an incident similar to the MSBlast attack last summer.

"There are more attack vectors and more people that could be affected by this," said Marc Maiffret, chief hacking officer for eEye Digital Security, the software firm that warned Microsoft of the vulnerability more than six months ago.

This is the second time this month that Microsoft has warned users of a security flaw. The company has a new policy of announcing vulnerabilities and releasing patches on the second Tuesday of each month, unless a critical flaw needs to be released immediately.



Last week, the software maker revealed a security flaw in Internet Explorer and issued a patch. On Tuesday, Microsoft announced three more vulnerabilities: the critical flaw and two other issues of lesser severity. One security hole affects computers running the Windows Internet Naming Service, and the other affects Microsoft's Virtual PC for the Mac platform.

The latest flaw exists in Microsoft's implementation of a basic networking protocol known as Abstract Syntax Notation One, or ASN.1. The code is shared by many Windows applications, and if left unpatched, it causes each program that uses the code to be an entry point into the operating system for an attacker.

Such widespread vulnerabilities are most tempting for the underground coders who create worms such as MSBlast--also known as Blaster--and Slammer, both of which took advantage of widespread Windows flaws.

The vulnerability could allow a remote user to take control of a computer running a version of the Windows operating system that hasn't been patched, according to the advisory posted on Microsoft's Web site. Exploiting the flaw is much easier if the attacker can access a local network, the advisory noted.

"This means a high number of vulnerable systems out on the Internet," said Brian Dunphy, director of managed security services for security software company Symantec. "It's a good candidate for an Internet worm."

The flaw bears a resemblance to the one that allowed MSBlast to spread in August 2003, said Stephen Toulouse, security program manager at Microsoft's security response center.

"It is relatively similar in terms of the number of computers it could affect," he said, adding that the flaw "is in all versions of Windows."

Created by Xerox and standardized in 1984, ASN.1 is a way to describe networking data and protocols, said Bancroft Scott, president of OSS Nokalva, an ASN.1 tools developer.

"Twenty years ago, people frequently reinvented the wheel when they wanted to pass data," he said in a January interview on the subject of ASN.1. "There was no way to describe the data that you were going to send."

ASN.1 changed that, allowing developers to describe data in an abstract language. However, developers of tools for creating network protocols and software from those descriptions frequently didn't consider that Internet attackers would use the channel as a way to break into computers, Scott said.

"These technologies, such as Windows, don't have anything to do with ASN.1, and yet they are breaking," he said.

The widespread use of ASN.1 has led many security researchers to label it a possible "monoculture"--a population so homogeneous that a single threat could destroy it. A recent trend in the computer security world is the recognition that vulnerabilities in common technologies can have widespread effects. A flaw in the Simple Network Management Protocol, a widely used way to communicate between network hardware, was due to an ASN.1 implementation error.

eEye's Maiffret was critical of Microsoft for taking so long to issue the patch.

"Two hundred days to fix this," Maiffret said. "It is obviously ridiculous."

Microsoft's Toulouse said the fix took so long to create because of the difficulties posed by such a pervasive technology.

"ASN.1 is really an extremely deep...technology in Windows itself," he said. "This investigation required us to evaluate several different aspects. This is an instance where we really had to do our due diligence."


http://www.nytimes.com/cnet/CNET_210...3-5156647.html
__________________
American by Birth

File Sharer by Choice

02-10-2004, 08:31 PM   #2 (permalink)
the hunter
thanks janet, and checking it out now.

02-10-2004, 08:32 PM   #3 (permalink)
janett999
I hope a lot of ppl do!

02-10-2004, 08:43 PM   #4 (permalink)
the hunter
If they don't, I am going to give them such a boot in the you know what.

02-10-2004, 08:46 PM   #5 (permalink)
the hunter
PS with your spelling talents, and good punctuation, you might consider doing a similar thread to the back to basics one you did before for this place. I know the regs here know better, but it might help out the visitors, and you do a great job with this stuff.

02-10-2004, 09:02 PM   #6 (permalink)
janett999
Back to basics was something WE (ZPmods) put together!

It wasn't just me!

I will make a copy and bring it here, and it can be modified by all!

02-10-2004, 09:13 PM   #7 (permalink)
the hunter
What are you talking about, as I never heard of it before. LOL

02-10-2004, 09:17 PM   #8 (permalink)
janett999
hunter


you're full of prunes!

02-10-2004, 09:47 PM   #9 (permalink)
the hunter
If I'm full of prunes, at least I'm not full of shi----. ROTFL

02-11-2004, 03:24 AM   #10 (permalink)
greffov
/me putting this on front page, thanx!
__________________
Linux virusscanner detected a virus:
Windows 95 ... delete [Y/n] y
~
~

:wq

All times are GMT -5.