Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Security Bulletin Update - 16 August 2005
Posted by Philipp Esselbach on: 08/17/2005 05:51 AM [ Print | 0 comment(s) ]
A security bulletin update from Microsoft:
This alert is to notify you of the 16 August 2005 revision of Microsoft
Security Advisory (899588) Vulnerability in Plug and Play Could Allow
Remote Code Execution and Elevation of Privilege (899588).
This Security Advisory has been updated with information regarding
variations of an existing attack exploiting the vulnerability addressed
by the Microsoft Security Bulletin MS05-039 on August 9, 2005. Our
analysis has revealed that the reported worms are similar to the
existing worm called Worm:Win32/Zotob.A. These worms have thus far had a
low impact on customers.
Our initial investigation has revealed that these worms exploit the
Windows Plug and Play vulnerability remotely only against Windows
2000-based systems. For more information about these worms, to help
determine if you have been infected by these worms, and for instructions
on how to repair your system if you have been infected by these worms,
see the Zotob Security Incident Web site or the Microsoft Virus
Encyclopedia. For Microsoft Virus Encyclopedia references see the
"Overview" section.
Other versions of Windows, including Windows XP Service Pack 2 and
Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
variations, and similar worms attempting to exploit the Windows Plug and
Play vulnerability, unless they have already been compromised by other
malicious software. Customers can protect against attacks attempting to
utilize this vulnerability by installing the security updates provided
by the Microsoft Security Bulletin MS05-039 immediately. The MS05-039
security bulletin is available at the following Web site.
Microsoft's investigation into this malicious act is ongoing so that we
can continue to understand how we can help support customers. We are
working closely with our anti-virus partners and aiding law enforcement
in its investigation.
Our investigation of these attacks has verified that they do not affect
customers who have installed the updates detailed in MS05-039 on their
computers. Microsoft continues to recommend that customers apply the
updates to the affected products by enabling the Automatic Updates
feature in Windows.
Microsoft is disappointed that certain security researchers have
breached the commonly accepted industry practice of withholding
vulnerability data so close to update release and have published exploit
code, potentially harming computer users. We continue to urge security
researchers to disclose vulnerability information responsibly and allow
customers time to deploy updates so they do not aid criminals in their
attempt to take advantage of software vulnerabilities.
This Microsoft Security Advisory is located at this location:
http://www.microsoft.com/technet/security/advisory/899588.mspx
Microsoft Security Advisories are located at this location:
http://www.microsoft.com/technet/security/advisory/default.mspx
If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.
Thank you,
Microsoft PSS Security Team
Security Advisory (899588) Vulnerability in Plug and Play Could Allow
Remote Code Execution and Elevation of Privilege (899588).
This Security Advisory has been updated with information regarding
variations of an existing attack exploiting the vulnerability addressed
by the Microsoft Security Bulletin MS05-039 on August 9, 2005. Our
analysis has revealed that the reported worms are similar to the
existing worm called Worm:Win32/Zotob.A. These worms have thus far had a
low impact on customers.
Our initial investigation has revealed that these worms exploit the
Windows Plug and Play vulnerability remotely only against Windows
2000-based systems. For more information about these worms, to help
determine if you have been infected by these worms, and for instructions
on how to repair your system if you have been infected by these worms,
see the Zotob Security Incident Web site or the Microsoft Virus
Encyclopedia. For Microsoft Virus Encyclopedia references see the
"Overview" section.
Other versions of Windows, including Windows XP Service Pack 2 and
Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
variations, and similar worms attempting to exploit the Windows Plug and
Play vulnerability, unless they have already been compromised by other
malicious software. Customers can protect against attacks attempting to
utilize this vulnerability by installing the security updates provided
by the Microsoft Security Bulletin MS05-039 immediately. The MS05-039
security bulletin is available at the following Web site.
Microsoft's investigation into this malicious act is ongoing so that we
can continue to understand how we can help support customers. We are
working closely with our anti-virus partners and aiding law enforcement
in its investigation.
Our investigation of these attacks has verified that they do not affect
customers who have installed the updates detailed in MS05-039 on their
computers. Microsoft continues to recommend that customers apply the
updates to the affected products by enabling the Automatic Updates
feature in Windows.
Microsoft is disappointed that certain security researchers have
breached the commonly accepted industry practice of withholding
vulnerability data so close to update release and have published exploit
code, potentially harming computer users. We continue to urge security
researchers to disclose vulnerability information responsibly and allow
customers time to deploy updates so they do not aid criminals in their
attempt to take advantage of software vulnerabilities.
This Microsoft Security Advisory is located at this location:
http://www.microsoft.com/technet/security/advisory/899588.mspx
Microsoft Security Advisories are located at this location:
http://www.microsoft.com/technet/security/advisory/default.mspx
If you have any questions regarding this alert please contact your
Technical Account Manager or Application Development Consultant.
Thank you,
Microsoft PSS Security Team
Related Threads
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
12/07/2007 07:12 PM: norton internet security (1) by Myke
06/02/2007 01:42 PM: security certification problem in WinXP (10) by packman
11/03/2006 12:29 AM: Norton Internet Security (1) by Sampson
08/20/2006 01:59 PM: Norton INternet Security Deleted Files (1) by peterh
05/25/2007 10:33 AM: Norton Internet Security 2006 wiped out my files! (2) by sofa tables
05/22/2006 05:13 AM: Recovering from brutalizing Norton Internet Security (3) by tschrock
02/19/2006 12:21 AM: Norton Security: My son knows how to turn it off, how can I prevent this? (1) by American Zombie
02/15/2006 09:51 AM: The complete security suite for all your data/communication needs (2) by imaole
01/09/2006 07:17 AM: Norton Internet Security 2005 (1) by Sampson
12/07/2007 07:12 PM: norton internet security (1) by Myke
06/02/2007 01:42 PM: security certification problem in WinXP (10) by packman
11/03/2006 12:29 AM: Norton Internet Security (1) by Sampson
08/20/2006 01:59 PM: Norton INternet Security Deleted Files (1) by peterh
05/25/2007 10:33 AM: Norton Internet Security 2006 wiped out my files! (2) by sofa tables
05/22/2006 05:13 AM: Recovering from brutalizing Norton Internet Security (3) by tschrock
02/19/2006 12:21 AM: Norton Security: My son knows how to turn it off, how can I prevent this? (1) by American Zombie
02/15/2006 09:51 AM: The complete security suite for all your data/communication needs (2) by imaole
01/09/2006 07:17 AM: Norton Internet Security 2005 (1) by Sampson