It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
New MS Windows Flaws 4/13/2004
page: 10
share:
The software security firm eEye� Digital Security has announce the existence of six new vulnerabilities in Microsoft Windows operating systems. The
announcement coincides with the release of software patches to fix the vulnerabilities. These security flaws could allow an attack to gain complete
control over an unpatched system. The timing is important development because the period of time between the confirmation of a vulnerability and the
appearance of code -usually in the form of a virus, worm, or script- to exploit it has decreased to a matter of days versus the weeks once required.
The eEye article also states that two of the six flaws were discovered 200 days prior to the release of patches. Although not implicitly stated
in this announcement, eEye generally make the vendors of a vulnerable software package well before the public announcement. Users of MS Windows should
apply these patches immediately. They are available for manual download or via the built-in �Windows Update� feature.
eEye
eEye� Digital Security, a leading developer of network security software solutions, today announced the discovery of six new vulnerabilities related to Microsoft (NASDAQ: MSFT) Windows�. The critical discoveries include dangerous flaws in Windows Remote Procedure Call (RPC), Local Security Authority Subsystem Service (LSASS), and in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats. These critical security flaws affect unpatched Windows NT, 2000, XP and Windows Server 2003 machines. eEye�s research team discovered two of the most critical vulnerabilities as early as September 2003. The patch for these vulnerabilities released today comes more than 200 days after eEye�s discovery.
MS Announcement MS04-011
MS Announcement MS04-012
eEye
eEye� Digital Security, a leading developer of network security software solutions, today announced the discovery of six new vulnerabilities related to Microsoft (NASDAQ: MSFT) Windows�. The critical discoveries include dangerous flaws in Windows Remote Procedure Call (RPC), Local Security Authority Subsystem Service (LSASS), and in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats. These critical security flaws affect unpatched Windows NT, 2000, XP and Windows Server 2003 machines. eEye�s research team discovered two of the most critical vulnerabilities as early as September 2003. The patch for these vulnerabilities released today comes more than 200 days after eEye�s discovery.
MS Announcement MS04-011
MS Announcement MS04-012
In addition to the flaws resulting from the eEye discoveries, Microsoft has released patches for other security holes affecting every version of
Windows to one degree or another. These include Outlook Express (included with Windows) HTML handling even if it isn't used as the default e-mail
software on your system and the Microsoft Jet Database Engine. The total number of vulnerabilities in the four security bulletins released today
totals 20 separate flaws in Windows and Outlook Express.
These patches can be obtained using "Windows Update."
Microsoft Security Bulletin MS04-013
Microsoft Security Bulletin MS04-013
These patches can be obtained using "Windows Update."
Microsoft Security Bulletin MS04-013
Microsoft Security Bulletin MS04-013
new topics
-
Thanksgiving 2024
Member Art: 1 hours ago -
The art of being offended
Social Issues and Civil Unrest: 3 hours ago -
FLORIDA Sues Biden-Harris FEMA for Denying Disaster Assistance to Homeowners with TRUMP Signs.
US Political Madness: 4 hours ago -
Turns out, they planned to go after P-nut.
US Political Madness: 8 hours ago
0