NT Compatible - Security (Page 14)

Microsoft Personal Security Advisor

Security 10941 Published 2001-08-17 10:45 by Philipp Esselbach 0

Thanks to Andrew for this one:

Microsoft Personal Security Advisor (MPSA) is an easy to use web application that will help you secure your Windows NT

4.0 or Windows 2000

computer system. Simply press the Scan Now button to receive a detailed report of your computer's security settings and recommendations for improvement.

MPSA will scan your system and build a customized report on items such as: missing security patches, weak passwords, Internet Explorer and Outlook Express security settings, and Office macro protection settings. More details on the specific tests performed by MPSA are available by clicking on the Features menu option above.

Read more

Outlook View Control Exposes Unsafe Functionality 2.0

Security 10941 Published 2001-08-17 10:23 by Philipp Esselbach 0

On July 12, 2001, Microsoft released the original version of this bulletin, to advise customers of a vulnerability affecting Microsoft Outlook and to recommend that they temporarily use an administrative procedure to protect their systems. A patch that eliminates the vulnerability is now available. An updated version of the bulletin was released on August 16, 2001, to announce the availability of the patch and to advise customers that the administrative procedure is no longer needed.

The Microsoft Outlook View Control is an ActiveX control that allows Outlook mail folders to be viewed via web pages. The control should only allow passive operations such as viewing mail or calendar data. In reality, though, it exposes a function that could allow the web page to manipulate Outlook data. This could enable an attacker to delete mail, change calendar information, or take virtually any other action through Outlook including running arbitrary code on the user's machine.

Read more

ISA Server H.323 Gatekeeper Service Contains Memory Leak

Security 10941 Published 2001-08-17 00:40 by Philipp Esselbach 0

This bulletin discusses three security vulnerabilities that are unrelated except in the sense that both affect ISA Server 2000:

- A denial of service vulnerability involving the H.323 Gatekeeper Service, a service that supports the transmission of voice-over-IP traffic through the firewall. The service contains a memory leak that is triggered by a particular type of malformed H.323 data. Each time such data is received, the memory available on the server is depleted by a small amount; if an attacker repeatedly sent such data, the performance of the server could deteriorate to the point where it would effectively disrupt all communications across the firewall. A server administrator could restore normal service by cycling the H.323 service.

- A denial of service vulnerability in the in the Proxy service. Like the vulnerability above, this one is caused by a memory leak, and could be used to degrade the performance of the server to the point where is disrupted communcations.

- A cross-site scripting vulnerability affecting the error page that ISA Server 2000 generates in response to a failed request for a web page. An attacker could exploit the vulnerability by tricking a user into submitting to ISA Server 2000 an URL that has the following characteristics: (a) it references a valid web site; (b)it requests a page within that site that can't be retrieved - that is, a non-existent page or one that generates an error; and (c) it contains script within the URL. The error page generated by ISA Server 2000 would contain the embedded script commands, which would execute when the page was displayed in the user's browser. The script would run in the security domain of the web site referenced in the URL, and would be able to access any cookies that site has written to the user's machine.

Read more

Norton Antivirus Virus Definitions Update (51781 Viruses)

Security 10941 Published 2001-08-16 14:59 by Philipp Esselbach 0

Symantec has released a new virus definitions update for Norton Antivirus.

Cumulative Patch for IIS

Security 10941 Published 2001-08-16 11:14 by Philipp Esselbach 0

This patch is a cumulative patch that includes the functionality of all security patches released to date for IIS 5.0, and all patches released for IIS 4.0 since Windows NT(r) 4.0 Service Pack 5.

A patch is available to fix these vulnerabilities. Please read the Security Bulletin for information on obtaining this patch.

Read more

Vulnerability in OpenView and NetView

Security 10941 Published 2001-08-15 22:23 by Philipp Esselbach 0

Thanks to CestLaVie for this one:

CERT Advisory CA-2001-24 Vulnerability in OpenView and NetView
Original release date: August 15, 2001 Last revised: --
Source: CERT/CC

Systems Affected

Systems running HP OpenView Network Node Manager (NNM) Version 6.1 on the following platforms:
HP9000 Servers running HP-UX releases 10.20 and 11.00 (only)
Sun Microsystems Solaris releases 2.x
Microsoft Windows NT4.x / Windows 2000

Systems running Tivoli NetView Versions 5.x and 6.x on the following platforms:
IBM AIX
Sun Microsystems Solaris
Compaq Tru64 Unix
Microsoft Windows NT4.x / Windows 2000

Read more

Microsoft launches patch scanner

Security 10941 Published 2001-08-15 21:29 by Philipp Esselbach 0

Security professionals have welcomed the release today of a patch scanner for Windows NT and 2000 machines.
The command line program, HFNetChk, was designed by Microsoft's security program manager, Eric Schultze.

Read more

Code Red back for a new attack in Asia

Security 10941 Published 2001-08-15 21:21 by Philipp Esselbach 0

The Code Red II computer worm has attacked some of the Hong Kong government's internal servers causing temporary suspension of access, a government spokeswoman said on Wednesday.

Read more

McAfee DAT and SuperDAT 4154

Security 10941 Published 2001-08-15 19:50 by Philipp Esselbach 0

McAfee Virus definitions has been updated to version 4154

NNTP Service in Windows NT 4.0 and Windows 2000...

Security 10941 Published 2001-08-15 09:32 by Philipp Esselbach 0

...Contains Memory Leak

The NNTP (Network News Transport Protocol) service in Windows NT 4.0 and Windows 2000 contains a memory leak in a routine that processes news postings. Each time such a posting is processed that contains a particular construction, the memory leak causes a small amount of memory to no longer be available for use. If an attacker sent a large number of posts, the server memory could be depleted to the point at which normal service would be disrupted. An affected server could be restored to normal service by rebooting.

A patch is available to fix this vulnerability. Please read the Security Bulletin for information on obtaining this patch.

Read more

Viruses wiggle into IM chats

Security 10941 Published 2001-08-14 22:47 by Philipp Esselbach 0

Bates, an 18-year-old who will start his freshman year at Oklahoma University this month, knew it was uncharacteristic of Trey to flood him with winking faces--a popular emoticon used to color text-based IM conversations. His suspicions grew when the alias george.w.bush@whitehouse.gov suddenly flashed on his screen along with an invitation to accept an attached file called choke.exe. Unlike his friend, who obviously had been bitten by a virus, Bates knew better than to accept it.

Read more

Trendmicro PC-cillin 98 / 2000 Pattern 925

Security 10941 Published 2001-08-14 18:38 by Philipp Esselbach 0

Trendmicro has posted new virus definitions (#925) for PC-cillin 98 and 2000

Download

The Cleaner Database v3251

Security 10941 Published 2001-08-13 08:43 by Philipp Esselbach 0

MooSoft has posted a new trojan definitions update for The Cleaner

South Korea says third version of Code Red detected

Security 10941 Published 2001-08-11 12:08 by Philipp Esselbach 0

SEOUL (REUTERS) - The Code Red computer virus has mutated into a third more dangerous variant, South Korea's Information and Communication Ministry said Friday.

About 10 damage reports have come in which were believed to have been the result of the latest Code Red III, Ko Kwang-sup, an official at the ministry, told Reuters.

Read more

NT4 Sites with Redirects can crash from Code Red

Security 10941 Published 2001-08-09 20:14 by Philipp Esselbach 0

Thanks to Clutch for this one:

McAfee DAT and SuperDAT 4153

Security 10941 Published 2001-08-09 20:07 by Philipp Esselbach 0

McAfee Virus definitions has been updated to version 4153

Norton Antivirus Virus Definitions Update (51263 Viruses)

Security 10941 Published 2001-08-09 20:03 by Philipp Esselbach 0

Symantec has released a new virus definitions update for Norton Antivirus.

Code Red hits Hotmail, FedEx servers

Security 10941 Published 2001-08-09 19:57 by Philipp Esselbach 0

Code Red claimed two major victims this week, as Microsoft confirmed that some servers running its MSN Hotmail service were infected with a version of the worm and express-shipping giant Federal Express said the worm interfered with some deliveries Wednesday.

Microsoft spokesman Jim Desler said Thursday that some Hotmail servers were brought offline to deal with the problem and that service was not disrupted. About 110 million people have accounts with the free Web-based e-mail service, according to Microsoft.

Read more

Not Everything Is Peachy With PDFs

Security 10941 Published 2001-08-09 10:51 by Philipp Esselbach 0

The security firm Vigilinx Inc. is alerting customers of a first-ever worm that replicates using an Adobe portable document format (PDF). The PeachyPDF@mm worm mass mails itself through Microsoft Outlook. Not only does it send itself to 100 addresses from an infected users' address book, it also sends itself to the users' alternative E-mail addresses.

Read more

Worms prompt AT&T to unplug customer sites

Security 10941 Published 2001-08-09 10:48 by Philipp Esselbach 0

To keep the spread of the Code Red worms from slowing down its cable Internet network, AT&T is blocking access to Web servers that residential customers are running, a spokeswoman said Wednesday.

Read more