CRITICAL Microsoft Vulnerability

Forum Moderators: phranque

Message Too Old, No Replies

CRITICAL Microsoft Vulnerability

XP, NT, 2000 and others - get your patch quick.

gethan

9:23 pm on Feb 10, 2004 (gmt 0)

[news.bbc.co.uk...]

[microsoft.com...]

Affects XP, NT, 2000 and Virtual PC for Mac.

Who should read this document: Customers who are using Microsoft® Windows®
Impact of vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Systems administrators should apply the update immediately.

Reflection

10:40 pm on Feb 10, 2004 (gmt 0)

Wouldnt it be better to just quietly include the 'fix' in windows update rather than announcing the specific flaw to the entire world?

For example, when using authentication protocols based on ASN.1 it could be possible to construct a malformed authentication request that could expose this vulnerability.

I'll get started on that right away ;)

bakedjake

10:43 pm on Feb 10, 2004 (gmt 0)

I'll get started on that right away ;)

Someone already has. eEye did it internally. Which means the bad guys aren't far behind.

another thread: [webmasterworld.com...]

gethan

8:08 am on Feb 11, 2004 (gmt 0)

[webmasterworld.com...]

Main thread, linked from front page.

phantombookman

9:03 am on Feb 11, 2004 (gmt 0)

Hi Guys
my computer is currently doing a microsoft auto update, can I presume that the required patch will be included?
Sorry if this sounds dumb
Regards
Rod