HOUSTON -- BindView Corp. (Nasdaq:BVEW) announced today that its RAZOR Rapid Response Team has created security checks for nine newly identified critical Microsoft vulnerabilities outlined in the latest Microsoft Security Bulletins.
BindView customers on current maintenance contracts running Vulnerability Management solutions that include bv-Control for Windows and bv-Control for Internet Security can take immediate protective action. In addition, BindView Patch Deployment customers can use the product to deploy Microsoft patches across their environments or to package the patches for deployment with a software deployment tool such as SMS. BindView's RapidFire Update Service provides customers with immediate access to the updates via automatic distribution, or customers can download the new updates online at http://www.bindview.com/advisories/ADV_MSFT05-020905.cfm.
Who is at Risk
It is recommended that customers refer to the associated Microsoft Security Bulletins for full details. Following are brief descriptions of the vulnerabilities and the systems affected:
MS05-004: A public vulnerability in ASP.NET allows attackers to bypass security features of an ASP.NET Web site to gain unauthorized access to parts of the Web site. The actions attackers could take would depend on the specific content that is protected. Organizations affected include those using Microsoft .NET Framework 1.0 and Microsoft .NET Framework 1.1.
MS05-005: By taking advantage of the vulnerability in Microsoft Office XP, attackers can take complete control of individual systems. Organizations at risk include those using Microsoft Office XP Software Service Pack 3 and Service Pack 2, Microsoft Office XP Software, 2002 versions of Word, PowerPoint, Project, Visio and Microsoft Works Suite 2002, 2003 and 2004.
MS05-009: A flaw in the Windows Media Player's PNG processing allows attackers to take complete control of affected systems. Attackers are able to install programs; view, change or delete data; or create new accounts with full user rights. Organizations affected include those using Microsoft Windows Media Player 9 Series (when running on Windows 2000, Windows XP Service Pack 1 and Windows Server 2003), Microsoft Windows Messenger version 5.0 (standalone version that can be installed on all supported operating systems), Microsoft MSN Messenger 6.1 and 6.2, Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME).
MS05-110: A vulnerability in the License Logging Service allows attackers to take complete control of individual systems for remote code execution. As a result, attackers can install programs; view, change or delete data; or create new accounts with full user rights. Systems at risk include Microsoft Windows NT Server 4.0 Service Pack 6a, Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6, Microsoft Windows 2000 Server Service Pack 3 and Service Pack 4, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 for Itanium-based Systems.
MS05-011: A flaw in the Server Message Block (SMB) allows attackers to take complete control of an affected system for remote code execution. The vulnerability affects Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows XP Service Pack 1 and Service Pack 2, Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium), Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003 and Microsoft Windows Server 2003 for Itanium-based Systems.
MS05-012: With this flaw, a privilege elevation vulnerability affects operating systems and programs accessing memory when processing COM-structured storage files. A remote code execution flaw exists in OLE because of the input validation process, permitting attackers to create malicious documents that could allow for remote code execution. Microsoft platforms affected by this vulnerability include Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows XP Service Pack 1 and Service Pack 2, Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium), Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003, Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Exchange 2000 Server Service Pack 3, Microsoft Exchange Server 2003 and Service Pack 1, Microsoft Exchange Server 5.0 Service Pack 2, Microsoft Exchange Server 5.5 Service Pack 4, Microsoft Windows 98 and Second Edition, Microsoft Windows Millennium Edition, Microsoft Office XP Service Pack 3 and Service Pack 2 and Microsoft Office XP applications.
MS05-013: By constructing a malicious Web page with Microsoft Dynamic HTML (DHTML) Editing Component ActiveX control, attackers can gather information or allow for remote code execution if users visit the malicious site. Organizations at risk include those using Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows XP Service Pack 1 and Service Pack 2, Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium), Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003, Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows 98 and Second Edition and Microsoft Windows Millennium Edition (ME).
MS05-014: Several flaws in Internet Explorer allow for remote code execution, providing attackers capabilities to install programs; view, change or delete data; or create new accounts with full user rights. The flaw affects Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows XP Service Pack 1 and Service Pack 2, Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium), Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003, Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME).
MS05-015: A flaw in the Hyperlink Object Library allows attackers to construct malicious hyperlinks which could lead to remote code execution if users click on the links. User interaction is required to exploit this vulnerability. Organizations at risk include those using Microsoft Windows 2000 Service Pack 3 and Service Pack 4, Microsoft Windows XP Service Pack 1 and Service Pack 2, Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium), Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003, Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows 98 and Second Edition and Microsoft Windows Millennium Edition (ME).
BindView has created vulnerability checks for bv-Control for Windows and bv-Control for Internet Security to assist customers in locating compromised systems. Once systems are identified, customers should proceed with outlined precautionary measures as quickly as possible.
Priority should be given to Internet-facing and other critical Web servers, as well as bv-Control for Windows installations. Mobile systems connected to broadband networks -- including notebook computers -- are also a priority as they may be exposed to the Internet without firewall protection.
Commentary on the Vulnerabilities
BindView RAZOR Team experts are available to discuss these new vulnerabilities and share further insight into organizations most at risk, potential outcomes of an attack, as well as additional ways to secure enterprise IT infrastructures. Experts can also discuss the growing number of system vulnerabilities that have been identified in the past few months.
About BindView Corporation
BindView Corporation is a leading provider of proactive business policy, IT security and directory management software. BindView solutions and services enable customers to centralize and automate policy compliance, vulnerability assessment, and directory administration across the entire organization. With BindView insight at work(TM), customers benefit from reduced risk and improved operational efficiencies with a verifiable return on investment. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at info@bindview.com or visit BindView's Web site at http://www.bindview.com. BindView can also be reached at 1-800-749-8439 or at 1-713-561-4000.
Комментариев нет:
Отправить комментарий