http://www.smh.com.au/articles/2003/05/30/1054177706964.html By Sam Varghese May 30 2003 Security researcher Marc Maiffret of eEye digital Security has accused Microsoft of misleading customers in its advisory issued on Wednesday about a vulnerability in Windows Media Services. Maiffret said that, contrary to Microsoft's advice, "this... vulnerability is exploitable, as confirmed in the labs at eEye, and by the discoverer of this vulnerability, Brett Moore." He said: "I am not sure why Microsoft misidentified this vulnerability... maybe it is just a typo, maybe its a lack of technical know-how. Either way they need to re-release this advisory so that the correct information is given to customers." Maiffret said there was a a big difference in telling customers 'Ahh, its a denial of service, and your web server will automatically restart' compared to the reality of the situation: 'If you're running Windows Media Services on IIS, attackers can spawn a remote shell 'command prompt' on your vulnerable system.' He said Moore, the researcher from New Zealand who had identified the flaw, would be releasing an advisory soon with more details on the how and why of the matter. Maiffret said he was "not sure how you can have 'Trust'worthy Computing when your misinforming customers on a regular basis or releasing patches that disable their Internet access. " Meanwhile, Microsoft has revised two advisories issued earlier this year. An updated Windows XP Service Pack 1 patch was issued to fix a local elevation of privilege as the original patch had caused some performance issues. Additionally, patches were released for NT 4.0 and XP to fix a vulnerability that would enable an attacker to run code of his or her choice. Earlier, this vulnerability had been said to be present only in Windows 2000. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri May 30 2003 - 01:23:17 PDT