Xtra News Community 2
April 19, 2024, 10:58:57 pm
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome to Xtra News Community 2 — please also join our XNC2-BACKUP-GROUP.
 
  Home Help Arcade Gallery Links BITEBACK! XNC2-BACKUP-GROUP Staff List Login Register  

Microsoft XP/WIN2003 - Serious Security Hole

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Microsoft XP/WIN2003 - Serious Security Hole  (Read 694 times)
0 Members and 1 Guest are viewing this topic.
DazzaMc
Don't give me Karma!
Moderator
Absolutely Fabulously Incredibly Shit-Hot Member
*
Posts: 5557
« on: July 07, 2009, 07:59:57 pm »
APPLIES TO
Microsoft Windows Server 2003 Service Pack 2, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional


Microsoft sounds computer security alarm

SAN FRANCISCO (AFP) — Microsoft has warned of a flawed software in Internet Explorer that hackers can exploit to take over some computers.

The vulnerability was found in a program used in the popular web browser to play video on computers running with Windows XP or Windows Server 2003 operating systems, Microsoft said in a warning posted online.

"An attacker who successfully exploited this vulnerability could gain the same user rights as the local user," the software giant warned in a security bulletin. "We are aware of attacks attempting to exploit the vulnerability."

Microsoft said it was working with partners to patch the weakness in ActiveX Video Control involved in capturing, recording or playing video and is also a main component of Windows Media Center.

Microsoft advised users to deactivate ActiveX Video Control until a fix is available.

"When the ActiveX control is used in Internet Explorer, the control may corrupt the system state in such a way that an attacker could run arbitrary code," the Redmond, Washington-based company said.

"Microsoft is currently working to develop a security update for Windows to address this vulnerability."

Hackers can take advantage of the vulnerability when Internet users visit websites that have been booby trapped with malicious code. Unsuspecting computer users may get emails enticing them to visit hazardous websites.

Attackers taking advantage of the vulnerability could install programs; view, change or delete data; or create new accounts with full user rights, according to Microsoft.

http://www.google.com/hostednews/afp/article/ALeqM5j9Bp9uJgDXSz0t_uNQGzk2x-f32A


Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution
Published: July 06, 2009

Version: 1.0

Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.

We are aware of attacks attempting to exploit the vulnerability.

Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.

Customers may prevent the Microsoft Video ActiveX Control from running in Internet Explorer, either manually using the instructions in the Workaround section or automatically using the solution found in Microsoft Knowledge Base Article 972890. By preventing the Microsoft Video ActiveX Control from running in Internet Explorer, there is no impact to application compatibility.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Microsoft is currently working to develop a security update for Windows to address this vulnerability and will release the update when it has reached an appropriate level of quality for broad distribution.

Mitigating Factors:

• Customers who are using Windows Vista or Windows Server 2008 are not affected because the ability to pass data to this control within Internet Explorer has been restricted.
 
• By default, Internet Explorer on Windows Server 2003 and 2008 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running specially crafted Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.
 
• By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario.
 
• In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
 
• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. 

http://www.microsoft.com/technet/security/advisory/972890.mspx


Now that that's freaked you out a little....

How To Fix

Lol... this is easy....
 Cheesy

Go here - Microsoft Security Advisory and click on the "Fix this problem" under "Enable workaround" and install the patch.

Microsoft will release a real patch once they have the hole plugged up.


All sorted!
 Grin
Report Spam   Logged
Reality is merely an illusion, albeit a very persistent one.

Share on Facebook Share on Twitter


Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by EzPortal
Open XNC2 Smileys
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum


Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.031 seconds with 18 queries.