Microsoft Partners with BindView to Protect Users against Windows NT Bug.HOUSTON--(BUSINESS WIRE)--June 23, 1999-- Joint Efforts Prevent the Exploit of Potentially Devastating dev·as·tate tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. "Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. " Security Vulnerability BindView Development Corporation (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :BVEW BVEW Binary View ), a leading supplier of systems and security management software, and Microsoft (NASDAQ:MSFT MSFT Microsoft (stock symbol) MSFT Movimento Sociale Fiamma Tricolore (Italy) MSFT Multi-Stage Fitness Test MSFT Master of Science in Family Therapy MSFT Macalester Students for Fair Trade ) today announced that they have proactively protected their customers against the exploit of a "denial of service" security vulnerability. Discovered by BindView's internal team of security experts, the vulnerability affects all versions of Microsoft NT, including versions 3.51, 4.0 and Windows 2000 Beta 3. BindView notified the Microsoft security group immediately with information about the vulnerability. Microsoft then tested and confirmed the vulnerability to Windows(R) NT servers and workstations, releasing a patch that fixes the identified problem. While there are no reports of customers being adversely affected by this vulnerability, Microsoft is responding with a fix to allow customers to take appropriate action to protect themselves against it. "Denial of service attacks are incredibly serious and can shut down an entire enterprise, causing thousands of dollars in downtime, and creating chaos for systems professionals," said Phil Bakker, senior consultant with PricewaterhouseCoopers Technology Risk Services Practice in Boston. "These attacks are virtually invisible and can compromise a system without anyone's knowledge, making it extremely difficult for users to authenticate to a Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. server. The Phantom Bug warning should be taken seriously -- systems administrators should pay close attention, heed the warning and be sure to patch their systems appropriately. BindView and Microsoft are being proactive to identify security vulnerabilities and minimize risk to customers -- an illustration of how vendors should work together to protect their customers." Microsoft Partners with BindView 2-2-2-2 By exploiting the vulnerability, a hacker could take down the Local Security Authority (LSA LSA - Link State Advertisement ) in Windows NT, causing a denial of service and preventing all access to the Windows NT server on which the attack was executed. Users would be unable to access any files or services provided by that server, causing lost productivity while creating havoc for systems administrators. Examples of the types of services that could be denied include e-mail, corporate databases and access to the Internet. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. industry analysts, "denial of service" attacks are extremely costly and are on the rise. Results from the Computer Security Institute's (CSI CSI Crime Scene Investigator CSI CompuServe, Inc. CSI Commodity Systems, Inc. CSI Commodity Systems Inc. (Boca Raton, FL) CSI Crime Scene Investigation (CBS TV show) CSI Christian Schools International ) FBI 1999 survey indicate that losses due to denial of service attacks are, on the average, up fifty one percent per year. The bug, referred to by Microsoft as the "Malformed mal·formed adj. Abnormally or faultily formed. LSA Request," is reminiscent of the Boink boink - /boynk/ [Usenet: variously ascribed to the TV series "Cheers" "Moonlighting", and "Soap"] 1. To have sex with; compare bounce. (This is mainstream slang.) In Commonwealth hackish the variant "bonk" is more common. 2. bug in late 1998 that affected Windows 95 and Windows NT. Boink left thousands of users staring at the "blue screen of death A crash in Windows that causes the computer to lock up, and the screen turns entirely blue. The solution is to reboot. See Black Screen of Death. (humour) Blue Screen of Death - (BSOD) The infamous white-on-blue text screen which appears when Microsoft Windows crashes. ," causing computers to crash by making them devote memory to unsolvable problems. Another denial of service attack, Teardrop tear·drop n. 1. A single tear. 2. An object shaped like a tear. , crashed NT 4.0 by exploiting a peculiarity in its networking stack. Teardrop affected systems belonging to the Navy in Point Loma, Calif. and Norfolk, Va., as well as computers at MIT MIT - Massachusetts Institute of Technology and Northwestern University in early 1998. The Denial of Service Patch Affected machines can recover after an attack by rebooting immediately. However, the vulnerability can be exploited repeatedly, leaving systems vulnerable to attack until the patch is installed. Companies impacted by the bug can permanently guard against the attack by installing the patch from Microsoft, available at the following site in the What Customers Should Do section: http://www.microsoft.com/security/bulletins/ms99-020.asp. Microsoft also has sent this security bulletin to customers subscribing to the Microsoft Product Security Notification Service. Microsoft Partners with BindView 3-3-3-3 BindView provides a number of award-winning solutions to protect against the bug. HackerShield automatically detects security vulnerabilities such as the Malformed LSA Request and can be downloaded for free at http://www.bindview.com/netect. Registered HackerShield customers have already received an update that addresses the bug via the patent-pending RapidFire Update technology. Users of BindView's NOSadmin for Windows NT can download a new report that will check their enterprise for the patch via http://www.bindview.com/security/advisory/Phantom.html. In addition, BindView has posted a detailed advisory on its website offering technical information for system and network administrators, including a pointer to the Microsoft patch. About BindView Development Corp. Founded in 1990, BindView Development Corporation develops and markets a leading suite of systems and security management software that has been recognized with the industry's most prestigious awards. The Company's primary product line, BindView EMS (Enterprise Management System), assists systems managers and security auditors in maintaining the integrity and security of multi-platform client/server networks. BindView's products are installed in over 4,000 companies worldwide, including a vast majority of the Fortune 100. Contact BindView via e-mail at info@bindview.com or visit BindView's World Wide Web Site at http://www.bindview.com. BindView can also be reached at (800) 749-8439 or at (713) 561-4000. Editors Note: BindView is a registered trademark of BindView Development Corporation. Company and product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion