BindView RAZOR Team Issues RapidFire Updates for Five Microsoft Vulnerabilities.HOUSTON -- BindView Corp. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :BVEW BVEW Binary View ) announced today that its RAZOR Rapid Response Team is providing checks for five newly identified critical Microsoft vulnerabilities. BindView customers on current maintenance contracts running Vulnerability Management solutions that include bv-Control for Windows and/or bv-Control for Internet Security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. can take immediate protective action. In addition, BindView Patch Deployment customers can use the product to deploy Microsoft patches across their environments or to package the patches for deployment with a software deployment Software deployment is all of the activities that make a software system available for use. The general deployment process consists of several interrelated activities with possible transitions between them. tool such as SMS (1) (Storage Management System) Software used to routinely back up and archive files. See HSM. (2) (Systems Management Server) Systems management software from Microsoft that runs on Windows NT Server. . BindView's RapidFire Update Service provides customers with immediate access to the updates via automatic distribution, or customers can download the new updates online at: www.bindview.com/Services/TechSupport/Advisories/ADV_MSFT05-101205.cfm Who is at Risk It is recommended that customers refer to the associated Microsoft Security Bulletins for full details. Following are brief descriptions of the vulnerabilities and the systems affected: MS05-044: A vulnerability in the way the Windows FTP FTP in full file transfer protocol Internet protocol that allows a computer to send files to or receive files from another computer. Like many Internet resources, FTP works by means of a client-server architecture; the user runs client software to connect to Client validates filenames could allow the owner of a malicious FTP server (networking) FTP server - A network server program or computer which responds to requests for files via FTP. A busy Internet archive site may have one or more computers dedicated to running FTP server software. These will typically have hostnames beginning with "ftp.", e.g. to alter the location where a file is saved. User interaction is required to overwrite (1) A data entry mode that writes over existing characters on screen when new characters are typed in. Contrast with insert mode. (2) To record new data on top of existing data such as when a disk record or file is updated. existing files. Organizations affected include those using versions of Microsoft Windows See Windows. (operating system) Microsoft Windows - Microsoft's proprietary window system and user interface software released in 1985 to run on top of MS-DOS. Widely criticised for being too slow (hence "Windoze", "Microsloth Windows") on the machines available then. XP SP1 and Microsoft Windows Server 2003 Itanium-based Systems. MS05-045: A denial of service A condition in which a system can no longer respond to normal requests. See denial of service attack. vulnerability with the Microsoft Network See MSN. Microsoft Network - The Microsoft Network Connection Manager could cause network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received. Organizations affected include those using versions of Microsoft Windows 2000 SP4, Microsoft Windows XP SP1 and SP2, and Microsoft Windows Server 2003 and SP1. MS05-046: A vulnerability with the Client Service for NetWare could allow an attacker to execute remote code and take complete control of a system. Client Service for NetWare is not installed by default on a Windows system and common firewall practices may also reduce risk where the component is installed. Organizations affected include those using versions of Microsoft Windows 2000 SP4, Microsoft Windows XP SP1 and SP2, and Microsoft Windows Server 2003 and SP1. MS05-047: A remote code execution and local elevation-of-privilege vulnerability with Plug and Play could allow an authenticated attacker to take complete control of a system. In most cases, the vulnerability requires local credentials to exploit. Common firewall practices may also reduce risk. Organizations affected include those using versions of Microsoft Windows 2000 SP4 and Microsoft Windows XP SP1 and SP2. MS05-048: A vulnerability in the Collaboration Data Objects Collaboration Data Objects (CDO), previously known as Active Messaging, is an application programming interface included with Microsoft Windows and Microsoft Exchange Server products. could allow an attacker to execute remote code and take complete control of a system. Organizations affected include those using versions of Microsoft Windows 2000 SP4, Microsoft Windows XP SP1 and 2, Microsoft Windows XP Pro x64 Edition Refers to 64-bit versions of Windows operating systems. See x64. ; Microsoft Windows 2000 and SP 1; Microsoft Windows Server 2003 for Itanium-based Systems and SP1; and Microsoft Exchange Messaging and groupware software for Windows from Microsoft. Exchange Server is an Internet-compliant e-mail system that runs under Windows NT/2000 and Windows Server 2003. It can be accessed by Web browsers, the Exchange client, versions of Outlook and the earlier Windows Inbox. 2000 Server SP3. MS05-049: A flaw in the way Windows processes The various processes that are running in a Windows computer. Some of the processes are parts of the operating system, while others are applications automatically launched at startup or manually by the user. For a list of all running processes, press Ctrl-Alt-Del. .lnk file A Windows shortcut. See Win Shortcuts and extension. name extensions could leave users open to remote code execution if the attachment is opened, allowing an attacker to take complete control of a system. Organizations affected include those using versions of Microsoft Windows 2000 SP4; Microsoft Windows XP SP1 and 2; Microsoft Windows XP Pro x64 Edition; Microsoft Windows 2000 and SP1; Microsoft Windows Server 2003 for Itanium-based Systems and SP1; and Microsoft Exchange 2000 Server SP3. MS05-050: A vulnerability in DirectShow could allow an attacker to execute remote code, taking complete control of a system. Organizations affected include those using versions of Microsoft DirectX 7.0 on Microsoft Windows 2000 with SP4; Microsoft Windows 98, Second Edition and Millennium Edition. For those using Microsoft DirectX 8.1, multiple software versions may be affected including Microsoft Windows XP SP1 and SP2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and SP1, Microsoft Windows Server 2003 for Itanium-based Systems and SP1, and Microsoft Windows Server 2003 x64 Edition. MS05-051: A remote code execution and local elevation of privilege vulnerability in the Microsoft Distributed Transaction Coordinator The Distributed Transaction Coordinator (MSDTC) service is a component of modern versions of Microsoft Windows that is responsible for coordinating transactions that span multiple resource managers, such as databases, message queues, and file systems. and COM (1) (Computer Output Microfilm) Creating microfilm or microfiche from the computer. A COM machine receives print-image output from the computer either online or via tape or disk and creates a film image of each page. + could allow an attacker to take complete control of an affected system. Organizations affected include those using versions of Microsoft Windows 2000 SP4, Microsoft Windows XP SP1 and SP2, Microsoft Windows XP Professional x64, Microsoft Windows Server 2003 and SP1, Microsoft Windows Server 2003 for Itanium-based systems and SP1, and Microsoft Windows Server 2003 x64 Edition. MS05-052: A flaw in the way Internet Explorer creates COM objects, not intended for creation in Internet Explorer, could allow an attacker to remotely execute code, leading to a complete system compromise. An attacker could construct a malicious Web page that potentially allows remote code execution if a user visits the malicious Web site. Organizations affected include those using versions of Microsoft Windows 2000 SP4; Microsoft Windows XP SP1 and SP2; Microsoft Windows XP Professional x64; Microsoft Windows Server 2003 and SP1; Microsoft Windows Server 2003 for Itanium-based systems and SP1; and Microsoft Windows Server 2003 x64 Edition; Microsoft Windows 98, Second Edition and Millennium Edition. Suggested Actions BindView has created vulnerability checks for bv-Control for Windows and bv-Control for Internet Security to assist customers in locating vulnerable systems. Once systems are identified, customers should proceed with outlined precautionary measures as quickly as possible. Priority should be given to critical workstations, such as administrative workstations, and bv-Control installations. Mobile systems connected to broadband networks -- including notebook computers -- are also a priority as they may be exposed to the Internet without firewall protection. Commentary on the Vulnerabilities BindView RAZOR Team experts are available to discuss these new vulnerabilities and share further insight into organizations most at risk, potential outcomes of an attack, as well as additional ways to secure enterprise IT infrastructures. Experts can also discuss the growing number of system vulnerabilities that have been identified in the past few months. About BindView Corporation BindView Corporation is a global provider of IT security compliance software. BindView solutions remove barriers that limit an organization's ability to cost effectively demonstrate due care and maintain compliance with IT security policies and regulatory mandates. BindView policy compliance; vulnerability and configuration management; and directory and access management software combine best-practices knowledge with automated controls to reduce risk and protect IT assets at the lowest cost across users, systems, applications and databases in multi-platform environments. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at info@bindview.com, on the web at http://www.bindview.com, and at 1-713-561-4000 or 1-800-749-8439. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion