ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

Microsoft releases critical patches

Ina Fried CNET News.com

Published: 13 Apr 2005 10:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Microsoft on Tuesday released a slew of security patches, five of them critical, as part of its monthly update.

The updates include "critical" fixes to Windows' TCP/IP networking, Internet Explorer, MSN Messenger, Office and Exchange Server. "Critical" is the company's highest severity rating. Three other Windows security holes are rated as "important," the next highest rating.

In each case, Microsoft said the flaws, if exploited, could enable an attacker to take remote control of a vulnerable machine.

In general, Microsoft said it is making progress on security issues. Stephen Toulouse, security program manager with the Microsoft Security Response Centre, noted that many of the flaws that were rated critical had lower ratings for those running the latest versions of Microsoft's software.

With the vulnerability in the Exchange Server software for managing email, contact lists and calendars, for example, Toulouse said that it is rated only "moderate" for those running Exchange Server 2003. Similarly, no immediate attention was needed on the Windows flaws for those running the just-released Windows Server 2003 Service Pack 1.

Worming into Exchange?
Atlanta-based Internet Security Systems (ISS), which was credited for discovering the Exchange vulnerability last year, said it is concerned that now that the details of the Exchange fix are out there, a worm could be created that exploits the flaw, and such a bug could quickly do damage.

"There is no user interaction required to exploit the vulnerability," said Neel Mehta, team leader of advanced research for ISS' X-Force unit.

Toulouse said it is difficult to say whether the Exchange vulnerability could lead to a new worm.

"It's really hard to speculate on what an attacker might do," he said. He noted that he has not seen any discussion of such a bug, nor has there been any proof-of-concept code. "What we are doing right now, and what we do after every release, is to watch."

ISS also found the flaw in TCP/IP networking. Mehta said it appeared to be more difficult to exploit, but the danger is greater as it is so widely used.

"Every networked Windows computer is using this," Mehta said. "It's not something you can turn off."

With the Internet Explorer bug, Toulouse said that someone who visits a specially configured Web site could then have malicious code executed on their machine. As for the Office vulnerability, Toulouse said that any attack would have to involve someone receiving and opening a maliciously constructed Word file.

Higher risk
In response to the new flaw disclosures, Symantec raised its overall "ThreatCon" security level for the computer industry.

"It is important that both home users and enterprises take proactive steps to deploy these patches," Oliver Friedrichs, senior manager at Symantec Security Response, said in a statement. "The vulnerabilities announced by Microsoft today can result in broad exposure to blended threats and worms, as well as denial-of-service attacks."

In addition to those patches, Microsoft is releasing two high-priority upgrades unrelated to security. One is for the Windows Installer and the other is for the Background Intelligent Transfer Service, which Microsoft uses to allow piecemeal downloading of software updates.

The software maker said last week to expect the eight security patches, as well as the other updates, but did not offer details.

In March, the company took a break from its monthly routine of security releases and did not issue any patches. The prior month, Microsoft had a dozen fixes in its regularly scheduled release and later plugged a hole in the DRM technology within Windows Media Player.

Microsoft also revamped its technology for removing malicious code, a sort of basic antivirus tool for cleaning up infections. The software now removes Hacker Defender, Mimail and Rbot, as well as new variants of the Berbew, Bropia Gaobot, MyDoom and Sober worms, the company said.

People can get the patches at Microsoft's Web site or set their systems to automatically update.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
52 out of 109 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Desktop platforms


Company/Topic Alerts

Create a new alert from the list below:





Related Jobs

Network Security Engineer

Systems Administrator (Windows Server Administrator, Exchange, TCP/IP)

FIREWALL ENGINEER TCP/IP ROUTING PROTOCOL DNS CHECKPOINT SURREY

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.