<$BlogRSDURL$>

Wednesday, August 10, 2005

Six Security Patches for Windows 

Heads up: 6 New Micosoft
Critcle Patches
Relesed Yesterday.

blogs.washingtonpost.com/securityfix/2005/08/as_promised_mic.html


Six Security Patches for Window
s
As promised, Microsoft Corp.
today released a bundle of six software
security updates for computers running its

Windows operating systems,
including three patches that earned its most
severe "critical" rating.

The free patches, available for download
through the


Microsoft Update Web site
,
include


a patch bundle for Microsoft's
Internet Explorer Web browser
.
Because these flaws could be exploited by
attackers to take complete control of
vulnerable Windows computers, and because
Web browser traffic is allowed by default
through most firewalls, it is important not
to put off installing these patches. "Aha!
But I don't use IE, I use Firefox," you say?
Well, even still, you've got to apply these
patches: A long list of other programs in
Windows use IE or the engine that drives IE
as their default display application.

Another vulnerability detailed today that
should be of concern for home and business
Windows users is a flaw in the "
plug-and-play"
function of Windows, a process that -- as
its name suggests -- figures out what to do
with new hardware devices when users plug
them into Windows machines. PNP, as it turns
out, relies a service deeply embedded into
Windows machines called "
remote
procedure call" or RPC for short.
RPC flaws in Windows have been exploited by
some of the most successful and infamous
Internet worms to date, including "
Blaster,"
"
Sasser" and their many
variants. This particular flaw has been
present in Windows for several years, and
exists on Microsoft PCs dating back to
Windows 2000.

Exactly why a so-called "local service"
like plug-and-play needs to be connected to
RPC -- which was designed to let Windows
computers communicate remotely over a
network -- still has me a bit stumped.
Nevertheless, do not delay installing this
patch, as some security experts say it won't
be long before the bad guys start exploiting
it.

"Pretty much anyone who can write Windows
exploits can take advantage of this flaw,"
said
Marc Maiffret, chief
hacking officer for
eEye Digital
Security. The IE flaws and the plug
and play vulnerability "means attackers can
pretty much break into any Windows system
right now," he said.

The final critical flaw deals with a
security glitch in the way Windows handles

network printer requests
that could
expose companies to attackers. However,

Stephen Toulouse, security
program manager for Microsoft, said this
vulnerability -- as well as the
plug-and-pray vulnerability -- have a number
of mitigating factors that could make them
harder for hackers to exploit.

As I mentioned in

an earlier post
, if you plan to get the
patches by visiting the Microsoft Update Web
site, you will be required to first
participate a program Microsoft has started
that checks to see if you're running a
pirated version of Windows. If you fail this
test, you will be barred from downloading
patches directly from Microsoft (or anything
else for that matter). However, if you are
using
Windows 2000 or a
later version of Windows (
XP,

Server 2003), you can still
get all of the patches by turning on

automatic updates
.

UPDATE, AUG. 10, 1:23 P.M.: Apparently,
some readers have

had trouble
downloading the IE patch
bundle. According to the

Microsoft Internet Explorer Weblog
the
patches had to be yanked after a glitch
caused "some of the updates to be corrupted,
breaking the digital signature and
preventing them from installing. The updates
available on Microsoft Update and Windows
Update are not affected and are installing
properly." The blog says Microsoft has
identified the problem, removed the affected
updates from the Download Center and will
repost them shortly to correct the issue.

REPLY:From Fourm member
I was told by a Microsoft insider to block all ports apart from port 80 and if a program wanted to use another port I had to do a port relay or something to make the program think that another port was being used but it was really using port 80. He told me that Microsoft had all sorts of hidden things that allowed Microsoft to access a Windows PC at any point and they did not use port 80 so it was safe to allow port 80. He used to work at Microsoft breaking into people's computers and I believe him because he knows what he is talking about and he showed me my computer on his laptop which he basically done unauthorised without my knowledge before when I was spoofing e-mails around my college to my mates for a joke. Nothing was ever done about any of us because we were both in the wrong.

Comments: Post a Comment

This page is powered by Blogger. Isn't yours?

  • C3's Sports


    Archives



     StumbleUpons Tweaks & Tricks
    .........
    Discussion

    C3's Digg Feed  

    C3's Delicious Feed

  • C3's Sports

    C3's Clips and Games

    C3's Technology Thats on Fire