Security 10918 Published by Philipp Esselbach 0

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows NT 4.0. The vulnerability could allow a locally logged on user to grant herself administrator level privileges.

Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq01-008.asp

Affected Software Versions

Microsoft Windows NT 4.0 Workstation
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Enterprise Edition
Microsoft Windows NT 4.0 Server, Terminal Server Edition

Patch Availability

Microsoft Windows NT 4.0 Workstation, Server, and Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27804
Microsoft Windows NT 4.0 Server, Terminal Server Edition:
(will be available shortly)

NOTE This patch may be applied to Windows NT 4.0 Service Pack 6a.

Security 10918 Published by Philipp Esselbach 0

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows® 2000. The vulnerability could, under certain conditions, allow an attacker to gain complete control over an affected machine.

Affected Software Versions
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server

Patch Availability
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27526

Note: This patch can be installed on systems running Windows 2000 Gold, Service Pack 1, and Service Pack 2. It will be included in Service Pack 3.

Security 10918 Published by Philipp Esselbach 0

MooSoft has released a trojan definitions database update for "The Cleaner".

Database v3204, 2885 trojan definitions.
------------------------
Added Double Fever
Added Gift
Added iDEMON
Added Last2000
Added RAID

Updated BioNet
Updated Infector
Updated Latinus
Updated MoSucker
Updated VBS.PlanColumbia
Updated Y3K

To update to the latest database, run MooLive: Start->Programs->The Cleaner->MooLive

Security 10918 Published by Philipp Esselbach 0

The implementation of the Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not correctly handle a particular series of data packets. If such a series of packets were received by an affected server, it would cause the server to fail. The server could be put back into normal service by rebooting it, but any work in progress at the time of the attack would be lost.

It would not be necessary for an attacker to be able to start a session with an affected server in order to exploit this vulnerability - he would only need the ability to send the correct series of packets to the RDP port on the server. The specific sequence of data packets involved in this vulnerability cannot be generated as part of a legitimate terminal server session. Windows NT 4.0 terminal servers are not affected by this vulnerability.


Security 10918 Published by Philipp Esselbach 0

Microsoft has released a tool and patch that allow customers to diagnose and eliminate the effects of anomalies in the packaging of hotfixes for English language versions of Microsoft® Windows 2000. Under certain circumstances, these anomalies could cause the removal of some hotfixes, which could include some security patches, from a Windows 2000 system.

Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq01-005.asp

Affected Software Versions

Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server

Patch Availability

Diagnostic tool:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27333
Microsoft Windows 2000 Gold:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27332
Microsoft Windows 2000 SP1:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27330

Security 10918 Published by Philipp Esselbach 0

This vulnerability involves a new variant of the "File Fragment
Reading via .HTR" vulnerability, previous variants of which were
discussed in Microsoft Security Bulletins MS00-031 and MS00-044. Like
the original variants, this one could enable an attacker to request a
file in a way that would cause it to be processed by the .HTR ISAPI
extension. The result of doing this is that fragments of server-side
files like .ASP files could potentially be sent to the attacker.
There is no capability via the vulnerability to add, change or delete
files on the server, or to access a file without permissions.


Security 10918 Published by Philipp Esselbach 0

A parsing routine that is executed when PowerPoint 2000 opens files
contains an unchecked buffer. If an attacker inserted specially
chosen data into a PowerPoint file and could entice another user into
opening the file on his machine, the data would overrun the buffer,
causing either of two effects. In the less serious case, overrunning
the data would cause PowerPoint to fail, but wouldn't have any other
effect. In the more serious case, overrunning the buffer could allow
the attacker to cause code of her choice to run on the user's
machine. The code could take any action that the user himself could
take on the machine. Typically, this would enable the attacker's code
to add, change or delete data, communicate with a remote server, or
take other actions.

A patch is available to fix this vulnerability. Please read Security Bulletin MS01-002 at: http://www.microsoft.com/technet/security/bulletin/ms01-002.asp for information on obtaining this patch.

Security 10918 Published by Philipp Esselbach 0

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows NT 4.0. The vulnerability could allow a malicious user to run a special program to disable an affected computer's network functionality.

Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq01-003.asp

Affected Software Versions

Microsoft Windows NT 4.0
Microsoft Windows NT 4.0, Terminal Server Edition

Patch Availability

Windows NT 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27272

Windows NT 4.0, Terminal Server Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27291

Security 10918 Published by Philipp Esselbach 0

Issue:
======
A parsing routine that is executed when PowerPoint 2000 opens files contains an unchecked buffer. If an attacker inserted specially chosen data into a PowerPoint file and could entice another user into opening the file on his machine, the data would overrun the buffer, causing either of two effects. In the less serious case, overrunning the data would cause PowerPoint to fail, but wouldn't have any other effect. In the more serious case, overrunning the buffer could allow the attacker to cause code of her choice to run on the user's machine. The code could take any action that the user himself could take on the machine. Typically, this would enable the attacker's code to add, change or delete data, communicate with a remote server, or take other actions.

Mitigating Factors:
===================
The user would need to be enticed into opening a malformed PowerPoint file.

Patch Availability:
===================
A patch is available to fix this vulnerability. Please read Security Bulletin MS01-002 at: http://www.microsoft.com/technet/security/bulletin/ms01-002.asp for information on obtaining this patch.