Microsoft has released an Internet Explorer patch marked 'critical' for download to fix vulnerability issues that is said to have affected around 2 million users.
The browser's flaw allows a Trojan to take over a victim's computer; it then routes it to infected websites.
The Excel vulnerability affects various versions of Microsoft Office, including Microsoft Office for Mac 2004 and 2008. The IE patch could allow information disclosure or remote code execution if a user views a specially crafted Web page.
Of the "critical" patches, Vulnerability in Active Directory Could Allow Remote Code Execution garnering the most attention. Failure to apply the software could allow remote code execution if an attacker gains access to an affected network.
"This vulnerability only affects Microsoft Windows 2000 servers configured to be domain controllers," Microsoft said in its bulletin. "If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability."
"It's especially critical for an IT shop that has Windows server 2000 domains and domain controllers," Schultze said. "You might not have them for long as any disgruntled employee can rename the files and take control of those assets without this patch."
Schultze said that Microsoft Security Bulletin MS08-063 and MS08-065, while labeled "important," is more than likely critical for a company's security. Both vulnerabilities allow for remote code execution, a favored target of hackers. MS08-063 in particular is dangerous because it impacts the Microsoft Server Message Block (SMB) protocol.
"That's the file- and printer-sharing protocol," Schultze said. "It's the protocol you use to log in and send something to the printer. So, if I go to my S drive and rename those files and give it a specifically long file name, then the moment that I do that, I can own that file server without human interaction. ... It's the first time in a long time we have seen these server-side vulnerabilities."
MS08-065 is a hole in Microsoft's Message Queuing Service (MSMQ) on Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled.
Schultze also noted that five of the 11 bulletins posted by Microsoft are addressing vulnerabilities found in Windows Vista and Windows Server 2008. "This really shows us that these operating systems are impacted by legacy code that goes back to Windows 1998 or earlier," he said.
Customers are also being warned about an e-mail sent out by hackers who are posing as a Microsoft security executive.
Source: .informationweek.com/news/security/app-security/showArticle.jhtml?articleID=211200526
The browser's flaw allows a Trojan to take over a victim's computer; it then routes it to infected websites.
The Excel vulnerability affects various versions of Microsoft Office, including Microsoft Office for Mac 2004 and 2008. The IE patch could allow information disclosure or remote code execution if a user views a specially crafted Web page.
Of the "critical" patches, Vulnerability in Active Directory Could Allow Remote Code Execution garnering the most attention. Failure to apply the software could allow remote code execution if an attacker gains access to an affected network.
"This vulnerability only affects Microsoft Windows 2000 servers configured to be domain controllers," Microsoft said in its bulletin. "If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability."
"It's especially critical for an IT shop that has Windows server 2000 domains and domain controllers," Schultze said. "You might not have them for long as any disgruntled employee can rename the files and take control of those assets without this patch."
Schultze said that Microsoft Security Bulletin MS08-063 and MS08-065, while labeled "important," is more than likely critical for a company's security. Both vulnerabilities allow for remote code execution, a favored target of hackers. MS08-063 in particular is dangerous because it impacts the Microsoft Server Message Block (SMB) protocol.
"That's the file- and printer-sharing protocol," Schultze said. "It's the protocol you use to log in and send something to the printer. So, if I go to my S drive and rename those files and give it a specifically long file name, then the moment that I do that, I can own that file server without human interaction. ... It's the first time in a long time we have seen these server-side vulnerabilities."
MS08-065 is a hole in Microsoft's Message Queuing Service (MSMQ) on Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled.
Schultze also noted that five of the 11 bulletins posted by Microsoft are addressing vulnerabilities found in Windows Vista and Windows Server 2008. "This really shows us that these operating systems are impacted by legacy code that goes back to Windows 1998 or earlier," he said.
Customers are also being warned about an e-mail sent out by hackers who are posing as a Microsoft security executive.
Source: .informationweek.com/news/security/app-security/showArticle.jhtml?articleID=211200526
0 comments:
Post a Comment