Slew of new Windows vulnerabilities prompts new patches

Microsoft Corp. has released patches for a handful of serious new Windows security flaws, one of them for a ubiquitous service with many avenues of attack.

Security experts advised users to patch computers running most versions of Windows NT, 2000, 2003 and XP operating systems for servers and end-user systems, warning that attacks are all but inevitable.

'This is a very serious issue,' said Scott Blake, vice president of information services for BindView Corp. of Houston. 'I know for a fact that people are working on exploits now.'

Blake said it is difficult to predict how long it will take for workable exploits to appear but expected it would be sooner rather than later.

'I think it is likely we will see something by this weekend,' he said.

The vulnerability getting the most attention is an unchecked buffer in Microsoft's Abstract Syntax Notation 1 Library. ASN.1 is a standard used to ensure that applications and network components can translate data between formats, and the library handles encoding and decoding it. A request for the library to decode malformed data could result in a buffer overflow and expose an affected computer to remote exploit.

The vulnerability is critical because so many applications and devices use ASN.1. 'Anything could use it, and many things do,' Blake said.

Because there are so many avenues of attack, guarding against it without the Microsoft patch is nearly impossible, Blake warned. He said he expected to see exploits delivered via e-mail, Web pages and network-based attacks targeting multiple services.
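A decoder avoids this class of unchecked-buffer flaw by validating every length field in the encoded data against both the bytes actually received and the size of the destination before copying. The C example below is added here as an illustration and is not Microsoft's code or taken from the bulletin; the function names, error codes, the single-byte-tag restriction and the sample bytes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { DER_OK = 0, DER_TRUNCATED = -1, DER_BAD_LENGTH = -2,
       DER_TOO_BIG = -3, DER_UNSUPPORTED = -4 };
/* Parse one DER tag-length header from buf[0..len). On success *off and
 * *vlen describe a value proven to lie entirely inside the input. */
static int der_read_header(const uint8_t *buf, size_t len,
                           uint8_t *tag, size_t *off, size_t *vlen)
{
    if (len < 2) return DER_TRUNCATED;
    if ((buf[0] & 0x1f) == 0x1f) return DER_UNSUPPORTED; /* multi-byte tag */
    *tag = buf[0];
    size_t pos = 1, n = buf[pos++];
    if (n & 0x80) {                      /* long form: low 7 bits = byte count */
        size_t count = n & 0x7f;
        if (count == 0 || count > sizeof(size_t)) return DER_BAD_LENGTH;
        if (count > len - pos) return DER_TRUNCATED;
        if (buf[pos] == 0) return DER_BAD_LENGTH;   /* leading zero: not minimal */
        n = 0;
        while (count--) n = (n << 8) | buf[pos++];
        if (n < 0x80) return DER_BAD_LENGTH;        /* short form was required */
    }
    if (n > len - pos) return DER_TRUNCATED; /* declared length exceeds input */
    *off = pos; *vlen = n;
    return DER_OK;
}

/* Copy the value out only if it also fits the fixed-size destination. */
static int der_copy_value(const uint8_t *buf, size_t len,
                          uint8_t *dst, size_t cap, size_t *out_len)
{
    uint8_t tag; size_t off, vlen;
    int rc = der_read_header(buf, len, &tag, &off, &vlen);
    if (rc != DER_OK) return rc;
    if (vlen > cap) return DER_TOO_BIG;
    memcpy(dst, buf + off, vlen);
    *out_len = vlen;
    return DER_OK;
}

int main(void)
{
    /* Constructed sample: OCTET STRING declaring 4096 bytes, 1 present. */
    const uint8_t lying[] = {0x04, 0x82, 0x10, 0x00, 'a'};
    uint8_t dst[16]; size_t n = 0;
    return der_copy_value(lying, sizeof lying, dst, sizeof dst, &n) == DER_TRUNCATED ? 0 : 1;
}
```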

Microsoft also rated as critical a series of flaws in multiple versions of its Internet Explorer Web browser. Users visiting a malicious Web page or opening a malicious HTML e-mail, or clicking on a malevolent link on a Web page or HTML e-mail, could open a computer to attack or let code be saved on the computer.

The third flaw could let an attacker display data from one Web site while displaying a URL from another in a browser's address bar.

Microsoft's third bulletin warned of a flaw in the Windows Internet Naming Service that could make Windows Server 2003 subject to a denial-of-service attack by repeatedly forcing WINS to restart automatically. After the third automatic restart, WINS requires a manual restart. There would be no damage to the system and no remote exploits possible, but the result could be denial of service on the server.

To resolve this vulnerability, users need to shut TCP ports 42 and 137 or remove WINS if it is not needed.

To download security bulletins and patches, go to

About the Author

William Jackson is a Maryland-based freelance writer.

