Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Symantec Response to Microsoft Security Bulletin

On Tuesday, June 14, Microsoft issued information on 12 new security updates. Symantec Security Response has identified eight vulnerabilities as the most serious and more detailed information is included at the bottom of this email.

Symantec Security Response has highlighted the following three vulnerabilities as critical:

· Microsoft Vulnerability in SMB -- Microsoft Security Bulletin MS05-027

· Microsoft Cumulative Security Update for Internet Explorer -- Microsoft Security Bulletin MS05-025

· Microsoft Vulnerability in HTML Help -- Microsoft Security Bulletin MS05-026

“Malicious use of both known and newly discovered software vulnerabilities continues to be a concern for both consumers and enterprises,” said David Cole, director of product management, Symantec Security Response. “Remaining diligent about deploying appropriate patches and implementing best security practices is the best prevention against new and established security risks.”
Symantec recommends the following actions for enterprises:
· Evaluate the possible impact of these vulnerabilities to their critical systems.
· Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions.
· Take proactive steps to protect the integrity of networks and information.
· Verify that appropriate data backup processes and safeguards are in place and effective.
· Remind users to exercise caution in opening all unknown or unexpected e-mail attachments and in following web links from unknown or unverified sources.

Symantec recommends the following actions for consumers:
· Regularly run Windows Update and install the latest security updates to keep software up to date.
· Avoid opening unknown or unexpected e-mail attachments or following web links from unknown or unverified sources.
· Consider using an Internet security solution such as Norton Internet Security to protect against today's known and tomorrow's unknown threats.


Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary. Information can be found at http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx.

SMB Vulnerability
· Microsoft Vulnerability in SMB -- Microsoft Security Bulletin MS05-027 - This buffer overflow vulnerability in Microsoft SMB protocol implementation could allow for remote code execution and result in a complete system compromise. This vulnerability can be exploited against remote servers by anonymous attackers across the Internet. Symantec Security Response has identified this vulnerability to be critical.

Client-side Vulnerabilities
· Microsoft Cumulative Security Update for Internet Explorer -- Microsoft Security Bulletin MS05-025 - This buffer overflow vulnerability in malformed PNG image processing could allow for malicious code execution. Web-based attacks could pose the highest risk as IE renders these images automatically, and there are many ways for an attacker to embed malicious images in content processed by Internet Explorer. E-mail attacks are slightly more difficult to carry out because they require the victim to manually open an e-mail attachment containing the image. Symantec Security Response has identified this vulnerability as critical.

An additional new vulnerability in the IE cumulative update is a variant of an existing attack. The vulnerability allows attackers to read the contents of XML files on the client host and could result in sensitive information being disclosed to attackers.
· Microsoft Vulnerability in HTML Help -- Microsoft Security Bulletin MS05-026 - This “data validation error” vulnerability in HTML Help could allow for remote code execution. This vulnerability, which is exploitable through the InfoTech protocol, can also result in execution of code on the client system. HTML e-mail attacks are possible depending on the Outlook/Outlook Express settings and product version. Symantec Security Response has identified this vulnerability as critical.
· Microsoft Vulnerability in Interactive Training - Microsoft Security Bulletin MS05-031 - This is a buffer overflow vulnerability in Interactive Training software. This vulnerability impacts machines with the Step-by-Step Interactive Training software, a component commonly installed on OEM systems, and could result in remote code execution. A user would have to open a malicious bookmark link file delivered via e-mail, hosted on a Web site, etc. Symantec Security Response has identified this vulnerability as important.
· Outlook Express NNTP Response Parsing Vulnerability - Microsoft Security Bulletin MS05-030 - This buffer overflow vulnerability in client processing of server NNTP responses could allow for remote code execution. Minimal user interaction is required to exploit this vulnerability. Symantec Security Response has identified it as important.


Phishing Vulnerabilities
· Microsoft Agent Vulnerability -- Microsoft Security Bulletin MS05-032 - This vulnerability may be used to trick a victim into trusting hostile Internet content through the spoofing of security dialogs. However, the user must still manually perform some action, as presented in the false dialog. Symantec Security Response has identified this vulnerability as moderate.
· Outlook Web Access Script Injection Vulnerability - Microsoft Security Bulletin MS05-029 - This vulnerability is due to an input validation error in Microsoft Outlook Web Access and allows for attackers to cause script code to be embedded in its web-based interface. This allows for cross-site scripting style attacks and may assist in phishing attacks against Outlook Web Access users. Symantec Security Response has identified this vulnerability as important.

Web Client Service Vulnerability
· Vulnerability in Web Client Service - Microsoft Security Bulletin MS05-028 - This buffer overflow vulnerability could result in a complete system compromise. It is exploitable remotely, however valid authentication credentials are required. The service is disabled in Windows Server 2003. Symantec Security Response has identified this vulnerability as important.

ENDS

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Scoop 3.0: How You Can Help Scoop’s Evolution

We have big plans for 2018 as we look to expand our public interest journalism coverage, upgrade our publishing infrastructure and offer even more valuable business tools to commercial users of Scoop. More>>


Statistics: Butter At Record $5.67/Block; High Vegetable Prices

Rising dairy prices have pushed food prices up 2.7 percent in the year to October 2017, Stats NZ said today. This followed a 3.0 percent increase in the year to September 2017. More>>

ALSO:

Science: New Research Finds Herbicides Cause Antibiotic Resistance

New University of Canterbury research confirms that the active ingredients of the commonly used herbicides, RoundUp, Kamba and 2,4-D (glyphosate, dicamba and 2,4-D, respectively), each alone cause antibiotic resistance at concentrations well below label application rates. More>>

ALSO:

CO2 And Water: Fonterra's Environment Plans

Federated Farmers support Fonterra’s bold push to get to zero emissions of CO2 on the manufacturing side of the Co-operative, both in New Zealand and across its global network. More>>

ALSO:

Fisheries: Decision To Delay Monitoring ‘Fatally Flawed’

Conservation group representatives say a decision by the new Minister of Fisheries, Stuart Nash, to delay implementation of camera monitoring of fishing efforts in New Zealand is ‘fatally flawed’. More>>

ALSO:

Kaikōura Quakes: One Year On

State Highway One and the railway were blocked by damage and slips and the Inland Road suffered significant damage. Farms, homes and businesses suffered building and land damage. Power and internet went down, drinking water systems, sewage systems and local roads were all badly affected... More>>

ALSO:

 
 
 
 
 
 
 
 
  • Bill Bennett on Tech