Alerts
Multiple Critical Vulnerabilities in Microsoft Windows
Date:
April 13, 2004
Severity:
High
Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Overview:
These vulnerabilities could potentially allow an attacker to take complete control of an affected system. An attacker could then take any action on the affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. eEye and Microsoft have released detailed advisories to alert Windows users of the need to immediately secure vulnerable machines on their networks.
Prevention:
The most effective way to protect vulnerable systems is to apply the hotfixes released by Microsoft. The hotfixes will remediate these vulnerabilities, and can be found here:
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
Retina Network Security Scanner
Retina has been updated to check for all of the above vulnerabilities. These checks are included in Retina versions 4.9.194 and higher. Retina is the only scanner that is 100% non-intrusive and can scan remotely without administrative access. For a comprehensive list of Retina audits click here:
http://www.eeye.com/html/mkt/gen/AprilAdv.html
Links:
Microsoft DCOM RPC Memory Leak
Microsoft DCOM RPC Race Condition
Windows Local Security Authority Service Remote Buffer Overflow
This alert was last updated on April 13, 2004.
April 13, 2004
Severity:
High
Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Overview:
These vulnerabilities could potentially allow an attacker to take complete control of an affected system. An attacker could then take any action on the affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. eEye and Microsoft have released detailed advisories to alert Windows users of the need to immediately secure vulnerable machines on their networks.
Vulnerability | Impact | Windows | Windows | Windows | Windows |
RPC | Remote | None | Critical | Critical | Critical |
LSASS | Remote | None | Critical | Critical | Low |
Metafile | Remote | Critical | Critical | Critical | None |
Local | Privilege | Important | Important | None | None |
Virtual | Privilege | Important | Important | None | None |
RPCSS | Denial | None | Important | Important | Important |
Prevention:
The most effective way to protect vulnerable systems is to apply the hotfixes released by Microsoft. The hotfixes will remediate these vulnerabilities, and can be found here:
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
Retina Network Security Scanner
Retina has been updated to check for all of the above vulnerabilities. These checks are included in Retina versions 4.9.194 and higher. Retina is the only scanner that is 100% non-intrusive and can scan remotely without administrative access. For a comprehensive list of Retina audits click here:
http://www.eeye.com/html/mkt/gen/AprilAdv.html
Links:
Microsoft DCOM RPC Memory Leak
Microsoft DCOM RPC Race Condition
Windows Local Security Authority Service Remote Buffer Overflow
This alert was last updated on April 13, 2004.
