Windows 2000 / XP Users >>>

sdm

sdm

This is Dog Fort
VIP Junglist
Joined
Nov 29, 2001
Multiple Vulnerabilities in Microsoft ASN.1 Library

Original issue date: February 10, 2004
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows NT 4.0
* Microsoft Windows NT 4.0 TSE
* Microsoft Windows 2000
* Microsoft Windows XP
* Microsoft Windows Server 2003

Overview

Multiple integer overflow vulnerabilities in the Microsoft Windows
ASN.1 parser library could allow an unauthenticated, remote attacker
to execute arbitrary code with SYSTEM privileges.

Description

Microsoft Security Bulletin MS04-007 announces a patch for multiple
vulnerabilities in the Microsoft Windows ASN.1 library
(msasn1.dll). According to information from eEye Digital Security,
the vulnerabilities involve integer overflows and other flaws in
integer arithmetic. The latest version of this document can be
found at

http://www.us-cert.gov/cas/techalerts/TA04-041A.html

Any application that loads the ASN.1 library could serve as an attack
vector. In particular, ASN.1 is used by a number of cryptographic and
authentication services such as digital certificates (x.509),
Kerberos, NTLMv2, SSL,and TLS. Both client and server systems are
affected. The Local Security Authority Subsystem (lsass.exe) and a
component of the CryptoAPI (crypt32.dll) use the vulnerable ASN.1
library.

Impact

An unauthenticated, remote attacker could execute arbitrary code with
the privileges of the process using the ASN.1 library. In the case of
most server and authentication applications, an attacker could gain
SYSTEM privileges.

Solution

Apply a patch

Apply the appropriate patch as specified by Microsoft Security
Bulletin MS04-007.

Vendor Information

This appendix contains information provided by vendors. When vendors
report new information, this section is updated and the changes are
noted in the revision history. If a vendor is not listed below, we
have not received their comments.

Microsoft

Please see Microsoft Security Bulletin MS04-007.
Click to expand...
Get to Windows Update and run the 'Critical Updates' as soon as possible (y)
 
I've been using Zone Alarm for quite a while. The best thing about it is that its free. Another indispensible program is Ad-aware 6.
 
MiL0 said:
Anyone know how to install this patch on over 500 pcs without visiting each one?
:thumbsd:
Click to expand...
Ha! No. Our admin here does Windows Updates individually.

You can schedule the PC's to do it automatially in the Windows Update options, but when they're all downloading the patch at the same time your Internet connection will get rinsed!
 
sdm@work said:
Ha! No. Our admin here does Windows Updates individually.

You can schedule the PC's to do it automatially in the Windows Update options, but when they're all downloading the patch at the same time your Internet connection will get rinsed!
Click to expand...


I'm on a dial up network & that took a life time just to install three or four patches at the same time. Broadband would be quicker but the only other option to have 500 PC's patched quicker would be a sepearate line for each one & that equals dollars!!
 
It's Microsoft. Nuff said.


There are ways to mass-install Windows Update patches... They involve silent installs using commandline switches placed into the startup scripts file on Windows NT-based networks. I won't go into details here though, frankly because I cannot be arsed. :P
 
Back
Top Bottom