By Robert Lemos
Posted on ZDNet News: Jan 14, 2004 1:24:00 AM

Microsoft released patches on Tuesday for three flaws, the most serious of which could give attackers a back door into the company's security server product.

The most serious flaw affects Microsoft's Internet Security and Acceleration Server 2000, which is included with Small Business Server 2000 and 2003 editions. The flaw lies in the way a filter in the server product's firewall processes data formatted in H.323, the International Telecommunications Union (ITU) standard for real-time multimedia communications.

Internet Security and Acceleration Server is designed to help protect companies' networks from online attacks.

"It is kind of the same situation that we have seen--a certain level of human error is going to be present, and that is true even for security software," said Stephen Toulouse, security program manager at Microsoft.

The H.323 flaw was found by the National Infrastructure Security Co-ordination Centre, the United Kingdom's Internet infrastructure protection agency, and researchers from the University of Oulu, in Finland.

Many companies, primarily makers of voice over Internet Protocol equipment, are also likely affected by the issue--but to a lesser extent than Microsoft's product.

The other flaws the software giant announced include a vulnerability in the Microsoft Data Access Component software in Windows 2000 and XP, along with Microsoft's SQL Server 2000 and Windows Server 2003. The flaw could allow an attacker to take over a vulnerable system, but only after successfully disguising the attacking computer as an SQL server. Because of the complexity of the attack, Microsoft graded the flaw as "important," not critical.

The last vulnerability, in Exchange Server 2003, allows an attacker to abuse the Online Web Access module to access the e-mail in-box of another random user who recently accessed the server.

"The end result is that an attacker could, under certain circumstances, get access to a complete random user," Microsoft's Toulouse said.

Microsoft posted discussions and patches for the products on its Web site and will automatically provide fixes to its customers through its update service.

Along with the three vulnerabilities, Microsoft re-released another patch that had caused computers that run Windows in Hebrew, Arabic and Thai to crash.

  • Talkback
  • Most Recent of 50 Talkback(s)
Read it again
It is a flaw in Microsoft's implementation of h.232 in ISA Server, but the flaw is not in the H.232 service itself, but in the Firewall Filter.

Meaning you may not have the H.232 service install...
Posted by: JoeMama_z Posted on: 01/15/04