[ISN] Security researcher accuses Redmond of misleading customers

From: InfoSec News (isnat_private)
Date: Thu May 29 2003 - 22:39:12 PDT

  • Next message: InfoSec News: "[ISN] Microsoft creates new group to clean its coding act"

    http://www.smh.com.au/articles/2003/05/30/1054177706964.html
    
    By Sam Varghese
    May 30 2003
    
    Security researcher Marc Maiffret of eEye digital Security has accused
    Microsoft of misleading customers in its advisory issued on Wednesday
    about a vulnerability in Windows Media Services.
    
    Maiffret said that, contrary to Microsoft's advice, "this...  
    vulnerability is exploitable, as confirmed in the labs at eEye, and by
    the discoverer of this vulnerability, Brett Moore."
    
    He said: "I am not sure why Microsoft misidentified this
    vulnerability... maybe it is just a typo, maybe its a lack of
    technical know-how. Either way they need to re-release this advisory
    so that the correct information is given to customers."
    
    Maiffret said there was a a big difference in telling customers 'Ahh,
    its a denial of service, and your web server will automatically
    restart' compared to the reality of the situation: 'If you're running
    Windows Media Services on IIS, attackers can spawn a remote shell
    'command prompt' on your vulnerable system.'
    
    He said Moore, the researcher from New Zealand who had identified the
    flaw, would be releasing an advisory soon with more details on the how
    and why of the matter.
    
    Maiffret said he was "not sure how you can have 'Trust'worthy
    Computing when your misinforming customers on a regular basis or
    releasing patches that disable their Internet access. "
    
    Meanwhile, Microsoft has revised two advisories issued earlier this
    year.
    
    An updated Windows XP Service Pack 1 patch was issued to fix a local
    elevation of privilege as the original patch had caused some
    performance issues.
    
    Additionally, patches were released for NT 4.0 and XP to fix a
    vulnerability that would enable an attacker to run code of his or her
    choice. Earlier, this vulnerability had been said to be present only
    in Windows 2000.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri May 30 2003 - 01:23:17 PDT