ZDNet UK


New Microsoft flaw exposes servers

Published: 24 Jan 2003 08:24 GMT


Microsoft warned system administrators on Wednesday that a new flaw in its Windows 2000 and NT domain controllers could leave their networks open to attack.

The vulnerability affects the Windows Locator service, software that translates network names into the addresses of actual resources, such as disks and printers, on a company's local area network.

"An attacker who successfully exploited this vulnerability could cause the Locator service to fail, or could cause code of the attacker's choice to be executed with system privileges," the software giant said in the security bulletin. "Customers running Windows NT 4.0 domain controllers or Windows 2000 domain controllers should apply the patch immediately."

The vulnerability is the first flaw this year to be classified by Microsoft as "critical" -- a rating that denotes a problem that could be exploited by an attacker to gain control of a computer. The company changed its classification system last November, adding an "important" rating below the "critical" rating, in an attempt to reserve the most severe level for only the most important flaws.

The flaw occurs because the software doesn't check all the parameters sent to the service as part of a request to register information. By carefully crafting the data, an attacker can cause a condition known as a "buffer overflow," where the software can be forced to crash or execute code appended to the data.

"A properly configured firewall would block the calls to the Locator service, which would protect an affected machine from an Internet-based attack," stated the advisory. "An attacker would be much more likely to attempt to exploit this vulnerability from an organization's internal network."

Other versions of Windows could be affected, but only if the user installs the Locator service, which is not on by default.

The advisory comes a week after the software giant celebrated the first anniversary of the e-mail memo sent by Chairman Bill Gates, exhorting company employees to focus on security, privacy and reliability. While many changes have taken place at the company, the pace at which bulletins about vulnerabilities are issued hasn't slowed noticeably.

