NTA Monitor

Date: 2nd October 2006
Risk: High

Microsoft's September bulletin issued 3 security updates addressing Windows and Office vulnerabilities. One issue is critical, one important and one moderate.

The critical flaw occurs when Microsoft Publisher parses a file with a malformed string and, if successfully exploited, could result in remote code execution. If a user with administrative rights were logged on to a system, an attacker successfully exploiting this vulnerability could take complete control of the affected system. They would be able to view, change or delete data, create new accounts with full user rights, and install and remove programs. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Affected software is Microsoft Office 2000 Service Pack 3, Office Publisher 2000, Microsoft Office XP Service Pack 3, Office Publisher 2002, Microsoft Office 2003 Service Pack 1 and Service Pack 2, and Office Publisher 2003.

The important flaw was found in Microsoft Windows and, if successfully exploited, could result in remote code execution. An attacker who sent a specially crafted multicast message to an affected system could execute code on that system. However, the MSMQ service, which is the Windows service needed to allow PGM communications, is not installed by default.

Affected software is Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2. Unaffected software is Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 x64 Edition.

The moderate flaw was found in the Indexing Service due to the way that it handles query validation. If an attacker successfully exploited the vulnerability, they could run client-side script on behalf of a user. The script could take any action that the user could take on the affected website.

Affected software is Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 x64 Edition.

Patches for these flaws are available from the Microsoft website at:

http://www.microsoft.com/downloads/results.aspx?displaylang=en&freetext=security_patch
