BindView announced today that its RAZOR Rapid Response Team has created security checks for a newly identified critical Microsoft vulnerability.
BindView customers on current maintenance contracts running bv-Control for Windows and/or bv-Control for Internet Security can take immediate protective action. In addition, BindView Patch Deployment customers can use the product to deploy Microsoft patches across their environments or to package the patches for deployment with a software deployment tool such as SMS.
Who is at Risk
It is recommended that customers refer to the associated Microsoft Bulletin for full details. Following are brief descriptions of the vulnerabilities and the systems affected:
MS05-024: By persuading a user to preview a malicious file, an attacker could take complete control of a system. A flaw in the method of Windows Explorer Web View’s processing of HTML characters in preview fields can allow for remote code execution. Organizations affected include those using Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows 98, Microsoft Windows 98 Second Edition and Millennium Edition.
BindView has created vulnerability checks for bv-Control for Windows and bv-Control for Internet Security to assist customers in locating vulnerable systems. Once systems are identified, customers should proceed with outlined precautionary measures as quickly as possible.
Commentary on the Vulnerabilities
BindView RAZOR Team experts are available to discuss these new vulnerabilities and share further insight into organizations most at risk, potential outcomes of an attack, as well as additional ways to secure enterprise IT infrastructures. Experts can also discuss the growing number of system vulnerabilities that have been identified in the past few months.