[ news_security_news ]
Rasman Exploit Razzes Microsoft
David Utter
Staff Writer
2006-06-27
 Insider Reports RSS Feed
Although the issue was fixed with Microsoft's June patch update, Microsoft wants its XP SP1 and 2000 SP4 users to make sure they have indeed picked up the re-release of the fix.
Those two versions of its Windows operating system are more vulnerable to attacks that exploit the flaw, a Network World report observed. XP2 and 2003 would require an attacker to authenticate to the system to work an exploit.
The problem resides with the Remote Access Manager, or RASMAN. Microsoft rated the problem Critical since remote code execution could be a possibility.
As noted earlier, Microsoft has a patch, MS06-025, available for the RASMAN issue, which consists of two vulnerabilities. One is a memory corruption problem, the other a registry corruption issue. The patch fixes both problems.
Microsoft said on its site that it reissued the advisory to address the issue identified with using RASMAN for certain dialup connections.
If scripting is used for a dialup connection, the connection could stop working under the initial release of the patch, according to Adrian Stone, posting on the Microsoft Security Resource Center blog.
The re-release of the patch should now correct these critical flaws, and Microsoft recommends installing this update, especially on the platforms where authentication would not be required to start an attack.
---
Tag: Microsoft
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
