More Windows Security Problems
John Stith Staff Writer
2006-02-08
Microsoft issued two security advisories on Tuesday regarding vulnerabilities in Windows. The first covers another possible problem tied to the WMF vulnerability, and the second is tied to a research paper about default services behavior.
The first advisory is related to the Windows Metafile (WMF) problem. Some older versions of Internet Explorer (IE) with this vulnerability could allow an attacker to get in and pull the old arbitrary code trick on the logged-on user. Possible actions that could set off this problem are: getting a WMF image from a malicious website; opening an email attachment; clicking on a link in an email that takes one to a malicious website; or, for Outlook Express users, viewing the naughty messages in the preview pane.
Microsoft said this in their advisory:
Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site, preview a malicious e-mail message, or open an attachment that exploited the vulnerability. In both Web-based and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The other advisory is tied to a research paper about default services behavior. It suggests one could "exploit overly permissive access controls on third-party application services." Also mentioned was the attempt to exploit default services in Windows XP Service Pack 1 and Windows Server 2003.
Microsoft's advisory says that updating Windows XP to Service Pack 2 and Windows Server 2003 to Service Pack 1 should deal with these issues. The advisory said this:
Microsoft has investigated these reports and the findings are summarized in the chart below. Microsoft has confirmed that customers who run Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1 are not vulnerable to these issues because security-related changes were made to these service packs as part of our ongoing security improvement process. Users who run Windows XP Service Pack 1 and Windows Server 2003 Gold may be at risk, but the risk to Windows Server 2003 users is reduced.
Users are encouraged to contact their third-party software vendors whose products require services installation to determine if any non-default Windows services are affected.
Microsoft is not aware of any attacks attempting to use the reported vulnerabilities or of customer impact at this time. Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary.
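For administrators following the advice to check non-default services, here is an added example (not from this article or from Microsoft's advisory) that audits service security descriptors in the SDDL form printed by `sc sdshow <service>`. It assumes "overly permissive" means an Allow entry granting a broad group the right to reconfigure the service or rewrite its permissions; the service names and descriptors are constructed samples.

```python
import re

# SDDL rights tokens that let the holder reconfigure a service or rewrite its
# security descriptor, with the matching access-mask bit for hex-form rights.
DANGEROUS = {
    "DC": ("SERVICE_CHANGE_CONFIG", 0x00000002),
    "WD": ("WRITE_DAC", 0x00040000),
    "WO": ("WRITE_OWNER", 0x00080000),
    "GW": ("GENERIC_WRITE", 0x40000000),
    "GA": ("GENERIC_ALL", 0x10000000),
}
# SDDL aliases for broad, low-privilege trustees.
BROAD = {"AU": "Authenticated Users", "WD": "Everyone", "BU": "Users",
         "IU": "Interactive", "AN": "Anonymous", "BG": "Guests"}

def dacl_aces(sddl):
    """Return the DACL's ACEs as field lists; the SACL (S:) is audit-only."""
    m = re.search(r"D:[A-Z_]*((?:\([^)]*\))+)", sddl)
    return [a.split(";") for a in re.findall(r"\(([^)]*)\)", m.group(1))] if m else []

def risky_rights(rights):
    """Name the dangerous rights in a rights field (two-letter tokens or hex)."""
    if rights.lower().startswith("0x"):
        mask = int(rights, 16)
        return [name for name, bit in DANGEROUS.values() if mask & bit]
    return [DANGEROUS[t][0] for t in re.findall("..", rights) if t in DANGEROUS]

def audit(services):
    """List (service, trustee, rights) for Allow ACEs that are too permissive."""
    findings = []
    for name, sddl in services.items():
        for ace in dacl_aces(sddl):
            # ACE fields: type;flags;rights;object;inherit_object;trustee
            if len(ace) == 6 and ace[0] == "A" and ace[5] in BROAD:
                rights = risky_rights(ace[2])
                if rights:
                    findings.append((name, BROAD[ace[5]], rights))
    return findings

# Constructed sample descriptors (hypothetical service names).
SAMPLE = {
    "ExampleVendorSvc": "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRRC;;;AU)",
    "ExampleHardenedSvc": "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Deny entries and group nesting are not evaluated, so a clean result here does not replace checking with the service's vendor.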
About the Author:
John is a staff writer for SecurityProNews covering cyber security.