[ news_security_news ]
McAfee Protects Against MS04-027 And MS04-028 Vulnerabilities
SecurityProNews
Staff Writer
2004-09-14
 Insider Reports RSS Feed
McAfee Protection-In-Depth Strategy Provides Protection to Identify and Block Potential New Attacks.
McAfee today announced that it provides comprehensive system protection for the MS04-027 and MS04-028 vulnerabilities announced by Microsoft Corporation today. These vulnerabilities have been reviewed by McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team) security research teams at McAfee. Based on its findings, McAfee AVERT recommends that users confirm the Microsoft product versioning outlined in the MS04-027 and MS04-028 bulletins and update as recommended by Microsoft and McAfee. This includes deploying solutions to ensure protection against the exploits outlined in this advisory.
Microsoft Vulnerability Overview
-- MS04-027 -- Vulnerability in WordPerfect Converter Could Allow Code Execution (884933)
-- MS04-028 -- Buffer Overrun in JPEG Processing Could Allow Code Execution (833987)
Scope of Potential Compromises
These buffer overflow vulnerabilities range in scope from a buffer overrun vulnerability in JPEG processing, which exists in the processing of JPEG image formats, to a remote code execution vulnerability, which exists in the WordPerfect converter that is provided as part of the affected software. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system and install programs; view, change or delete data; or create new accounts. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
