-----Original Message-----
From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard
Sent: Wednesday, February 11, 2004 7:10 AM
To: Information Technology
Subject: [Information_technology] Daily News 2/11/04

February 10, Microsoft - Microsoft Security Bulletin MS04-007: ASN.1 Vulnerability Could Allow Code Execution. A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow. An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges. Microsoft has assigned a risk rating of "Critical" to this issue, and has issued a security update. This vulnerability affects Microsoft Windows NT 4.0, Windows NT Server 4.0 Terminal Server Edition, Windows 2000, Windows XP, and Windows Server 2003. Additional information is available in "Technical Cyber Security Alert TA04-041A: Multiple Vulnerabilities in Microsoft ASN.1 Library" on the US-CERT Website: http://www.us-cert.gov/cas/techalerts/TA04-041A.html
Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms04-007.asp

February 10, Microsoft - Microsoft Security Bulletin MS04-006: Vulnerability in the Windows Internet Naming Service Could Allow Code Execution. A security vulnerability exists in the Windows Internet Naming Service (WINS). This vulnerability exists because of the method that WINS uses to validate the length of specially-crafted packets.
On Windows Server 2003 this vulnerability could allow an attacker who sent a series of specially-crafted packets to a WINS server to cause the service to fail. Most likely, this could cause a denial of service. The possibility of a denial of service on Windows Server 2003 results from the presence of a security feature that is used in the development of Windows Server 2003. Because it is possible that methods may be found in the future to bypass this security feature, which could then enable code execution, customers should apply the update. On Windows NT and Windows 2000, the nature of the vulnerability is slightly different. WINS will reject the specially-crafted packet and the attack does not result in a denial of service. The vulnerability on these platforms also does not allow code execution. Microsoft has assigned a risk rating of "Important" to this issue for Microsoft Windows Server 2003, and has issued an update. Microsoft has assigned a risk rating of "Low" to this issue for Microsoft Windows NT 4.0, Windows NT Server 4.0 Terminal Server Edition, and Windows 2000.
Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms04-006.asp

February 10, GAO - Report GAO-04-241: Telecommunications: Wire-Based Competition Benefited Consumers In Selected Markets. One of the primary purposes of the Telecommunications Act of 1996 was to promote competition in telecommunication markets, but wire-based competition has not developed as fully as expected. However, a new kind of entrant, called broadband service providers (BSP), offers an alternative wire-based option for local telephone, subscription television, and high-speed Internet services to consumers in the markets they have chosen to enter.
This report provides information on (1) BSPs' business strategy, (2) the impact of BSPs' market entry on incumbent companies' behavior and consumer prices for telecommunications services, (3) the key factors that BSPs consider when making decisions about which local markets to enter, and (4) the success of BSPs in attaining subscribership and any key factors that may limit their success. Highlights: http://www.gao.gov/highlights/d04241high.pdf
Source: http://www.gao.gov/cgi-bin/getrpt?GAO-04-241

February 10, Microsoft - Microsoft Security Bulletin MS04-005: Vulnerability in Virtual PC for Mac could lead to privilege elevation. A security vulnerability exists in Microsoft Virtual PC for Mac because of the method by which Virtual PC for Mac creates a temporary file when it is run. An attacker could exploit this vulnerability by inserting malicious code into the file which could cause the code to be run with system privileges. This could give the attacker complete control over the system. To exploit this vulnerability, an attacker would have to already have a valid logon account on the local system, or the attacker would already have to have access to a valid logon account.
Microsoft has assigned a risk rating of "Important" to this issue and updates are available for the following affected software: Microsoft Virtual PC for Mac version 6.0, 6.01, 6.02, 6.1
Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms04-005.asp

Internet Alert Dashboard

Current Alert Levels
AlertCon: 1 out of 4 https://gtoc.iss.net
Security Focus ThreatCon: 1 out of 4 http://analyzer.securityfocus.com/

Current Virus and Port Attacks
Virus: #1 Virus in the United States: WORM_MYDOOM.A
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States]
Top 10 Target Ports: 3127 (mydoom), 113 (ident), 137 (netbios-ns), 1080 (socks), 3128 (squid-http), 20168 (???), 135 (epmap), 37852 (linkproof), 1434 (ms-sql-m), 445 (microsoft-ds)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv