MS04-007 - the James Bond Microsoft Patch > Forums

Unanswered

Active Topics

Forums

Forums > Viruswarning Forum > Viruswarning archive

Subject: MS04-007 - the James Bond Microsoft Patch

Email me when someone replies to this thread.

You are not authorized to post a reply.

Author

Messages

Lee Drake
Posts:238

02/11/2004 8:35 PM
What it is Microsoft is making up for the breather it took in December from issuing patches with a vengeance -- the latest is MS04-007 (the seventh patch this year). This time the vulnerability is in a library of software called ASN.1. ASN is a library that is used to parse numbers and letters in various packages, including security and internet protocol drivers. Many of the routines that use it are authentication routines, intimately associated with logging into the system. As such server systems are more vulnerable because they run more of these types of services - but all machines (workstation and server) are vulnerable. The vulnerability might allow another worm to spread like the BLASTER worm last year - without having to download any programs or open any emails. If you'll remember the Blaster worm spread very quickly, and started just a couple of weeks after the vulnerability that it exploited was announced. As a result we strongly encourage everyone to download and apply the latest critical update from Microsoft on both their workstation and server products. This MS04-007 vulnerability affects the following systems: Windows NT (all versions) Windows 2000 (All versions) Windows XP (All versions) Windows 2003 (All versions) Note that because Microsoft no longer officially support Windows 9X products I cannot confirm at this time that Windows 9X products are not at risk. There is no known patch for Windows 9.X products for this vulnerability. What to do We recommend that you run windowsupdate on any system from the above list and accept all critical updates ( http://windowsupdate.microsoft.com ) . Patching this should be a top priority - this is a serious potential problem. This is especially true if you are administering a server based system. If you have a hardware firewall that will help prevent the spread of blaster like worms. In addition, on workstation systems, you may wish to activate the internal firewall on your internet connection if you haven't already. Right click on Network Neighborhood (or My Network Places) and choose properties. On that menu right click on your Ethernet connection and choose properties again. Click on the Advanced tab and check "Protect my computer by limiting or preventing access". Press the OK button. Note that this firewall is an incoming traffic only firewall, and activating it on a peer-to-peer network could prevent some things from working properly (such as shared printing or folders). If you are already running ZoneAlarm, BlackIce, Symantec Internet security or some equivalent personal software based firewall you do not need this extra protection. Anyone hit by the BLASTER worm last year will remember how much of a pain it was to recover from that bug. It continuously rebooted your machine if you were hooked to the internet and generally wreaked havoc. The next one could be just as bad - so patch it up today! If you got the little world in your system tray and the balloon that says "There are critical updates waiting to be applied" by all means - let them be applied. Note that you will need to reboot after you are finished with the update. More information http://windowsupdate.microsoft.com http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-007.asp Lee Drake Aztek Computer Solutions, Inc. 274 N. Goodman St Suite B269 Rochester, NY 14607 the human side of computing Email: ldrake@azcomputer.net Web: www.azcomputer.net Office Phone: 585-242-2060 Fax number: 585-242-9441

You are not authorized to post a reply.

Forums > Viruswarning Forum > Viruswarning archive > MS04-007 - the James Bond Microsoft Patch

ActiveForums 3.6