Solve : Microsoft Windows vulnerability - Highly Critical!!!?

Answer»

Microsoft Windows NNTP Response Handling Buffer Overflow

SECUNIA ADVISORY ID:
SA27112

VERIFY ADVISORY:
http://secunia.com/advisories/27112/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Vista
http://secunia.com/product/13223/
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003
http://secunia.com/product/12399/

SOFTWARE:
Microsoft Outlook Express 5.5
http://secunia.com/product/189/
Microsoft Outlook Express 6
http://secunia.com/product/102/

DESCRIPTION:
VeriSign iDefense Labs has reported a vulnerability in Microsoft
Windows, which can be exploited by malicious people to compromise a
user's system.

The vulnerability is caused due to a boundary error in inetcomm.dll
when processing NNTP (Network News Transfer Protocol) responses. This
can be exploited to cause a heap-based buffer overflow by returning
more data than requested by the client.

Successful exploitation may allow execution of arbitrary code when a
user e.g. visits a malicious website.

SOLUTION:
Apply patches.

Windows 2000 SP4 and Outlook Express 5.5 SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5AA009C9-4EDC-4F34-989B-0493549649E8

Windows 2000 SP4 and Outlook Express 6 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=b537115d-611c-4486-960c-08d2df450579

Windows XP SP2 and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=3ed7f466-78c7-4251-ba24-8ae71ad54e18

Windows XP Professional x64 Edition SP2 and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6468a552-2194-4866-97d5-ff77ae205eea

Windows Server 2003 SP1 and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=708926e4-f8af-4533-8747-22d6536ebd66

Windows Server 2003 SP2 and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=708926e4-f8af-4533-8747-22d6536ebd66

Windows Server 2003 x64 Edition and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=26720f5a-d7e9-44b9-9330-2e9faa4af0d9

Windows Server 2003 x64 Edition SP2 and Outlook Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=26720f5a-d7e9-44b9-9330-2e9faa4af0d9

Windows Server 2003 with SP1 for Itanium-based systems and Outlook
Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=a8844fbb-5b2c-41f3-80f1-dce563aa7cb7

Windows Server 2003 with SP2 for Itanium-based systems and Outlook
Express 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=a8844fbb-5b2c-41f3-80f1-dce563aa7cb7

Windows Vista and Windows Mail:
http://www.microsoft.com/downloads/details.aspx?FamilyId=b6ac8d93-adc3-4ec3-bad1-4990bd7d52b4

Windows Vista x64 Edition and Windows Mail:
http://www.microsoft.com/downloads/details.aspx?FamilyId=34aaf9dd-4d63-43e2-b631-bbf492d56a26

sooo what does this mean??? ;D lol

You have to apply the patches appropriate for your OS.
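
The DESCRIPTION in the advisory above attributes the overflow to a client that accepts more NNTP response data than it requested. The following C sketch is an added example, not code from inetcomm.dll, Secunia or the posts above; it shows the kind of bounds check that prevents this class of bug. The function name, result codes, ENTRY_MAX and the sample response are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define ENTRY_MAX 64   /* assumed per-entry limit, chosen for this example */
/* Hypothetical result codes for this example. */
enum { NNTP_OK = 0, NNTP_TOO_MANY = -1, NNTP_ENTRY_TOO_LONG = -2,
       NNTP_UNTERMINATED = -3 };

/* Store the lines of a multi-line NNTP response body in `out`, which the
 * caller sized for exactly `requested` entries. The body ends with a line
 * holding only "." (RFC 3977). The server decides how much data arrives,
 * so every write is checked against what the client allocated. */
int store_response(const char *body, size_t body_len,
                   char out[][ENTRY_MAX], size_t requested, size_t *stored)
{
    size_t pos = 0;
    *stored = 0;
    while (pos < body_len) {
        const char *line = body + pos;
        const char *eol = memchr(line, '\n', body_len - pos);
        if (eol == NULL)
            return NNTP_UNTERMINATED;      /* partial line, no terminator */
        size_t len = (size_t)(eol - line);
        pos += len + 1;
        if (len > 0 && line[len - 1] == '\r')
            len--;                         /* drop the CR of CRLF */
        if (len == 1 && line[0] == '.')
            return NNTP_OK;                /* end-of-response marker */
        if (*stored >= requested)
            return NNTP_TOO_MANY;          /* more entries than requested */
        if (len >= ENTRY_MAX)
            return NNTP_ENTRY_TOO_LONG;    /* entry would overrun its slot */
        memcpy(out[*stored], line, len);
        out[*stored][len] = '\0';
        (*stored)++;
    }
    return NNTP_UNTERMINATED;              /* ran out of data before "." */
}

int main(void)
{
    /* Constructed response: three entries although two were requested. */
    const char body[] = "one\r\ntwo\r\nthree\r\n.\r\n";
    char out[2][ENTRY_MAX];
    size_t n;
    int rc = store_response(body, sizeof body - 1, out, 2, &n);
    printf("rc=%d stored=%zu\n", rc, n);
    return 0;
}
```

The check on `*stored >= requested` runs before any copy, so an oversized response is rejected rather than written past the end of the allocation.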