Archive for the ‘Security Guide’ Category
Wednesday, August 1st, 2007 151 views
Three critical security vulnerabilities exist in the Remote Procedure Call (RPC) service that could allow an attacker to take any action on the system by sending a malformed RPC message to a vulnerable system.
Issue
Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 155 views
A security vulnerability exists in the NetBIOS Name Service on Windows NT, 2000 and XP which could possibly allow a remote user to view random segments of memory on a user's computer.
Issue
Network basic input/output system (NetBIOS) is an application programming interface (API) that can be used by programs on a ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 154 views
A new worm known as W32.Blaster.Worm (also known as MBlaster, W32/Lovsan.worm, MSBlast, W32.blaster.worm, Win32.posa.worm, Win32.poza.worm) has been identified that is seeking to exploit the vulnerability that was addressed by a recent Microsoft Security Bulletin. Blaster is designed to launch a denial of service attack against Microsoft's Windows Update Web site.
Issue
Microsoft ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 171 views
An unchecked buffer exists in one of the functions used by the Windows XP shell which could allow a malicious user to construct an attack that could exploit this flaw and execute code on the system.
Issue
The Windows shell is responsible for providing the basic framework of the Windows user interface ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 158 views
A major security vulnerability exists in the RPC Interface of Windows NT, 2000, XP and Windows Server 2003 which could allow a remote attacker to run the code of their choice on the system. This vulnerability has been exploited by the Blaster worm.
Issue
Remote Procedure Call (RPC) is a protocol used ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 254 views
A local privilege elevation vulnerability exists in Windows 2000 that could allow a user to gain Local System privileges by sending a specially crafted Windows message to the Utility Manager process.
Issue
Microsoft Windows 2000 contains support for Accessibility options within the operating system. Accessibility support is a series of assistive technologies ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 170 views
A security vulnerability exists in a networking components of Windows NT, 2000 and XP which could allow an attacker to execute code of their choice by sending a specially crafted SMB packet request.
Issue
Server Message Block (SMB) is the Internet Standard protocol that Windows uses to share files, printers, serial ports, ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 143 views
Windows 2000 Service Pack 4 (SP4) provides the latest updates to the Windows 2000 operating systems. These updates are a collection of fixes in the following areas: security, application compatibility, operating system reliability, and setup.
Issue
This service pack includes fully regression-tested versions of the patches for all security vulnerabilities affecting Windows ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 218 views
A security vulnerability exists in the way the Windows kernel passes error messages to a debugger which could allow a local attacker to take any action on the system with full administrative privileges.
Issue
There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results ...
Posted in Microsoft Windows, Security Guide | No Comments »
Wednesday, August 1st, 2007 147 views
A security vulnerabiliy in the Remote Procedure Call (RPC) endpoint mapper in Windows NT 4.0, 2000 and XP could allows a remote attacker to cause a denial of service by transmitting a malformed RPC message.
Issue
Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an ...
Posted in Microsoft Windows, Security Guide | No Comments »
