Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 


Microsoft Vulnerabilities Announced 13/4

Symantec Voice of Reason for Microsoft Vulnerabilities Announced 13/4

On Tuesday, April 13, Microsoft issued information on several new product vulnerabilities - many of these vulnerabilities are quite severe. As a result, Symantec has raised the DeepSight ThreatCon from a level 1 to a level 2. Symantec's ThreatCon Rating provides an overall view of global Internet Security and is based on a 1-4 rating system with a level 4 being the highest threat level.

Below is information on the Microsoft vulnerabilities that Symantec views as most critical to consumers and enterprises as well as Symantec solutions that protect against them. If you would like to speak with Symantec regarding any of the vulnerabilities disclosed today by Microsoft, please contact Rachael Joel (details below).

A complete view of all the vulnerabilities released today by Microsoft can be found at http://www.microsoft.com/security/security_bulletins/200404_windows.asp.

1. Security Update for Microsoft Windows (835732) Microsoft disclosed several new vulnerabilities for Microsoft Windows and has issued a security bulletin based on these vulnerabilities. ( http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx) All of these vulnerabilities are viewed as critical by Symantec. However, Symantec has identified the LSASS Vulnerability (below) as one of the most severe and encourages users to install the patch provided by Microsoft immediately.

Local Security Authority Subsystem Service (LSASS) Vulnerability - Symantec has rated this threat as critical. A buffer overflow vulnerability exists in the LSASS service that could allow remote code execution on an affected system. LSASS provides an interface for managing local security, domain authentication, and Active Directory processes. If the system was compromised, an attacker could gain complete control of the machine and perform actions on the affected machine similar to a user or administrator, such as erase files, steal information, etc.

Symantec Protection/Recommendations: In addition to best practices, Symantec encourages users to install the patch provided by Microsoft. By default, Symantec's full application inspection firewall technology protects against the LSASS vulnerability by blocking all unused incoming ports. No additional configuration or patch is required. Firewall administrators are advised to verify that their security policy does not include opening the following ports UDP: 135, 137, 138, 44 and TCP 135, 139, 445, 593.

Symantec customers who are using products that include Symantec's personal firewall technology, such as Norton Personal Firewall, Norton Internet Security and Symantec Client Security are automatically protected from this vulnerability. Users should also block the various ports above that are at risk.

2. Cumulative Security Update for Outlook Express (837009) Microsoft has issued a cumulative update that includes all previously-released updates for Outlook Express 5.5 and Outlook Express 6.0. ( http://www.microsoft.com/technet/security/bulletin/MS04-013.mspx) This update includes security fixes for vulnerabilities that are currently being exploited in the wild. Symantec cautions users that these vulnerability can be exploited through the Outlook Preview pane, and could allow a worm/blended threat to automatically infect systems, which could result in an attacker gaining complete control of the users machine. These vulnerability can also be exploited by visiting a malicious Web site. In this scenario, the attacker would have to host a Web site that contains a Web page that can be used to exploit these vulnerability. An attacker would then have to lure the user to that site, typically by getting them to clink on a specific link. This may decrease the risk associated with these vulnerability.

Symantec Protection/Recommendations: Symantec has rated this threat as critical. These versions of Outlook Express are widely used and Symantec strongly encourages users to install the patch provided by Microsoft to patch their systems as soon as possible. Symantec's AntiVirus solutions automatically protect against threats related to this vulnerability through its Bloodhound heuristics.

3. Cumulative Update for Microsoft RPC/DCOM (828741) Microsoft has issued an update for several new vulnerabilities in RPC/DCOM. ( http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx)

Platforms that may be affected by this vulnerability include Windows 98, NT, XP, Win 2003, Win XP 64. If a system was compromised, an attacker could take any action including installing programs; viewing or changing information, deleting data etc.

Symantec Protection/Recommendations: In addition to best practices, Symantec encourages users to install the patch provided by Microsoft. By default, Symantec's full application inspection firewall technology protects against this vulnerability by blocking all unused incoming ports. Firewall administrators are advised to verify that their security policy does not include the following incoming ports. UDP: 135, 137, 138, 445 and TCP: 135, 139, 445, 593. Additionally, by default RPC over HTTP (TCP port 80 or 443) is blocked by the FW. No additional configuration or patch is required.

Symantec customers who are using products that include Symantec's personal firewall technology, such as Norton Personal Firewall, Norton Internet Security and Symantec Client Security are automatically protected from this vulnerability. Users should also block the various ports above that are at risk.

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>

ALSO:

Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>

Earlier:

Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>

ALSO:

Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>

ALSO:

Half A Billion Accounts, Including Xtra: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

ALSO:

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>

ALSO:

Get More From Scoop

 
 
 
 
 
 
 
 
 
Sci-Tech
Search Scoop  
 
 
Powered by Vodafone
NZ independent news