Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Symantec Security Response to MS Advisory

Symantec Security Response to Microsoft Security Advisory

Last week, the Zobot and Esbot threats exploited a Microsoft Windows Plug and Play (PnP) Service vulnerability to create a backdoor on the computer system and allow remote attackers to have unauthorised access to the compromised computer.

During detailed analysis of the worms and the vulnerability, Symantec Security Response experts discovered that slight modifications to the exploit could impact some Windows XP and Windows XP SP1 systems with the possible result of unauthorized remote code execution. Windows XP SP2, however, is not susceptible to this exploitation method.

More Details on Windows PnP Service Vulnerability

The impacted configurations of Windows XP and Windows XP SP1 are not default configurations.

Attack scenarios are possible when the “guest” account is both enabled and removed from the “Deny access to this computer from the network” entry in the “User Rights Assignment” Security Policy. This can happen when Simple File and Print Sharing has been enabled, for example by sharing a folder or a printer with the local network.

It is important to note that Simple File and Print Sharing is only available on Windows XP machines that are not part of a Windows Active Directory Domain. However, configuring a Windows XP SP1 host to share network resources prior to joining an Active Directory Domain will leave it in the vulnerable state even after the Domain is joined.

After discovery and validation in the lab environment, Symantec worked with Microsoft to confirm the results. Today, Microsoft issued new information regarding the patch for the vulnerability first described in Microsoft Security Bulletin MS05-039, issued on August 9, 2005.
Additional information can be found at:

“Following responsible disclosure practices, Symantec notified Microsoft, validated the findings and quickly informed the public to protect against possible future threats,” said Oliver Friedrichs, senior manager, Symantec Security Response. “Symantec continues to urge users to update their systems when new patches are available to protect against possible exploits.”


As part of a defence in depth security solution, Symantec encourages the use of client security solutions which offer additional protection against possible exploitations of this vulnerability.

Enterprises should deploy a client security solution that includes intrusion prevention such as Symantec Client Security.

Consumers should install an Internet security solution such as Norton Internet Security 2005 AntiSpyware Edition to protect against today's known and tomorrow's unknown threats.

Both solutions have a signature that detects this vulnerability and blocks exploitation.

Symantec’s security experts will closely monitor its global intelligence network to scout for any unusual activities.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Half A Billion Accounts: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>


Half Full: Fonterra Raises Forecast Payout As Global Supply Shrinks

Fonterra Cooperative Group, the dairy processor which will announce annual earnings tomorrow, hiked its forecast payout to farmers by 50 cents per kilogram of milk solids as global supply continues to decline, helping prop up dairy prices. More>>



Meat Trade: Silver Fern Farms Gets Green Light For Shanghai Maling Deal

The government has given the green light for China's Shanghai Maling Aquarius to acquire half of Silver Fern Farms, New Zealand's biggest meat company, with ministers satisfied it will deliver "substantial and identifiable benefit". More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news