Welcome to WebmasterWorld Guest from 54.221.49.52

Forum Moderators: ocean10000

Message Too Old, No Replies

Major Microsoft Patch

     

Xoc

10:31 pm on Feb 10, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



[apnews.myway.com...]

"This is one of the most serious Microsoft vulnerabilities ever released," said Marc Maiffret of eEye Digital Security Inc. of Aliso Viejo, Calif., which discovered the new Windows flaws. "The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system."

Download the patch from the [windowsupdate.microsoft.com ] web site.

bakedjake

10:37 pm on Feb 10, 2004 (gmt 0)

WebmasterWorld Administrator bakedjake is a WebmasterWorld Top Contributor of All Time 10+ Year Member



She ain't up on Windows Update yet... (At least for Win2K server)

Direct link to bulletin: [microsoft.com...]

Patches available there.

Edit 5:38 PM ET: It just went up on Windows Update.

markus007

4:22 am on Feb 11, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



its up for 2k server, i patched mine this morning.

It only effects you if you have a certain DLL installed

adfree

10:07 am on Feb 11, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Patched WIN Server 2000 Advanced and XP Pro without problem.
Horror scenario: system crash with new OS installation, I got ISDN at home only, how many patches will I have to download, install then?
Would take me a week I think...

rehabguy

1:13 pm on Feb 11, 2004 (gmt 0)

10+ Year Member



I downloaded the latest patches last night and now my Windows 2000 computer won't boot up, even in safe mode.

I guess my computer is finally secure - it won't work.

Thanks Bill!

transactiongeek

3:08 pm on Feb 11, 2004 (gmt 0)



"To verify if the affected file is installed, search for the file named Msasn1.dll. If this file is present, this security update is required."

It's on my w2k box: c:\winnt\system32\msasn1.dll

silane

5:30 pm on Feb 11, 2004 (gmt 0)

10+ Year Member



My server was hacked about about 12 hours ago, the hacker deleted my account and created a new user. I have to guess the password, and managed to get it correct.

258cib

8:07 pm on Feb 11, 2004 (gmt 0)

10+ Year Member



Meanwhile, the recent IE patch is causing serious problems.

For example, AMS has told its buyers and vendors who install the patch may be taken to a screen saying that they are using an unsupported browser or shown a screen with the text "System Development Mode" on it, or may be given an "Internal Server Error" message when trying to respond to a quote.

They say:
"There is not an official Microsoft workaround available at this time. However, we have found that some users are able to return to (the site) by first clicking the browser "Refresh" button and then answering "Yes" when asked if they would like to 'Retry'.

AMS is working with Microsoft directly to determine what can be done to resolve this problem. Again, this is only a problem if a user has the patch installed on their computer. Users with Internet Explorer without the patch are NOT experiencing the problem.

PCInk

10:03 pm on Feb 11, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hmmmm, cause of critical problem? - Unchecked buffer.

Mr Gates, can you sack any employee who does not check there buffers correctly in future programs you write. Thank you.

plumsauce

10:37 pm on Feb 11, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member




silane


My server was hacked about about 12 hours ago

was that due to this particular vulnerability,
or another route?

+

silane

7:41 am on Feb 12, 2004 (gmt 0)

10+ Year Member



not too sure, but I alway patch my server as soon as patches are released.

This time, I haven't got a chance to patch it, and the server was hacked.

nativenewyorker

12:02 pm on Feb 12, 2004 (gmt 0)

10+ Year Member



Xoc said:

"The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system."

The really scary thing is Diebold, one of the world's largest maker of ATMs has incorporated Windows into their products. This makes me extremely nervous about keeping my money in the bank.

Wired News: Windows to Power ATMs in 2005 [wired.com]

PatrickDeese

5:48 pm on Feb 16, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



They're reporting the first exploit from the source code:

[securitytracker.com...]

plumsauce

11:38 pm on Feb 16, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member




ATM's already use Windows NT.

They have in the past been hacked from internal
access paths. These boxes are network accessible
only through secure paths, *but* it was presumed
that the bank internal network was secure. A
trojaned system that was *not* an atm, but on the
internal network was used to access the atm.

+++

 

Featured Threads

Hot Threads This Week

Hot Threads This Month