Microsoft releases patches for a handful of serious new security flaws, as security experts warn of imminent multi-avenue attacks.
Microsoft Corp. has released patches for a handful of serious new Windows security flaws, one of them for a ubiquitous service with many avenues of attack.
Security experts advised users to patch computers running most versions of Windows NT, 2000, 2003 and XP operating systems for servers and end-user systems, warning that attacks are all but inevitable.
'This is a very serious issue,' said Scott Blake, vice president of information services for BindView Corp. of Houston. 'I know for a fact that people are working on exploits now.'
Blake said it is difficult to predict how long it will take for workable exploits to appear but expected it would be sooner rather than later.
'I think it is likely we will see something by this weekend,' he said.
The vulnerability getting the most attention is an unchecked buffer in Microsoft's Abstract Syntax Notation 1 Library. ASN.1 is a library used to ensure that applications and network components can translate data between formats when they communicate. A request for ASN.1 to decode malformed data could result in a buffer overflow and expose an affected computer to remote exploit.
The vulnerability is critical because so many applications and devices use ASN.1. 'Anything could use it, and many things do,' Blake said.
Because there are so many avenues of attack, guarding against it without the Microsoft patch is nearly impossible, Blake warned. He said he expected to see exploits delivered via e-mail, Web pages and network-based attacks targeting multiple services.
Microsoft also rated as critical a series of flaws in multiple versions of its Internet Explorer Web browser. Users visiting a malicious Web page or opening a malicious HTML e-mail, or clicking on a malevolent link on a Web page or HTML e-mail, could open a computer to attack or let code be saved on the computer.
The third flaw could let an attacker display data from one Web site while displaying a URL from another in a browser's address bar.
Microsoft's third bulletin warned of a flaw in the Windows Internet Naming Service that could make Windows Server 2003 subject to a denial-of-service attack by repeatedly forcing WINS to restart automatically. After the third automatic restart, WINS requires a manual restart. There would be no damage to the system and no remote exploits possible, but the result could be denial of service on the server.
To resolve this vulnerability, users need to shut TCP ports 42 and 137 or remove WINS if it is not needed.
To download security bulletins and patches, go to www.microsoft.com/security.