Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

New Microsoft Vulnerabilities, get patches now

  • 15-09-2003 6:44pm
    #1
    Registered Users, Registered Users 2 Posts: 15,956 ✭✭✭✭


    Ok I'm sure any of you tech people will have these vulnerabilities well covered but just incase people don't:

    1:Microsoft Windows DCERPC DCOM Heap Overflow Vulnerability

    This is a similar vulnerability to the one that the Blast/Lovesan worms took advantage of. At the moment there is no known worm that takes advantage of the vulnerability but IT experts reckon a new worm is less than a week away. Also the Blaster and Lovesan worms could potentially be altered to exploit the vulnerability.

    Microsoft has released a patch (MS03-039) to protect operating systems from being exploited.

    2:Microsoft Visual Basic For Applications Document Handling Buffer Overrun Vulnerability

    This vulnerability affects the following applications Office 97, 2000, and XP, Word 98 (J) Visio® 2000 and 2002 Project 2000 and 2002 and some other non-sunlife standard applications.

    There are no known exploitations for this vulnerability. If one is created it will come in the form of a .VBS attachement via email. When the user launches the attachement the VBS file will allow a remote user access to the comupter.

    Microsoft has issued patches (MS03-037) for this vulnerability. PCI and rollout are almost ready to send these out. The rollout will be in three phases. The first patch will be for all Office 2000 users. This is scheduled for later this week.
    The 2nd patch will be for Office 97 users (Old Sunlife PC's), and the 3rd patch is for Project 2000. The 2nd and 3rd patches are not scheduled yet. They are waiting for the first rollout to be completed and will then send the 2nd and 3rd. A knowlix solution will be provided closer to the rollout.

    Zip File attached has detailed info on both the later one is in PDF format


Advertisement