December 9th, 2008 . by DarkFiber Consulting
Microsoft has released Security Advisory 960906 to address reports of a vulnerability in the WordPad Text Converter for Word 97 files. The advisory indicates that Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are affected by this vulnerability. Exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code or obtain local user rights. Additionally, Microsoft indicates that they are aware of limited and targeted attacks using this vulnerability.
DarkFiber Consulting encourages users to review Microsoft Security Advisory 960906 and implement any necessary Suggested Actions to help mitigate the risks.
DarkFiber Consulting will provide additional information as it becomes available.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Pack 2 Windows • Service Pack 1 • Service Pack 2 • Service Pack 4 • Text Converter • Vulnerability Exploitation • Windows 2000 • Windows 2000 Service • Windows 2000 Service Pack • Windows Server • Windows Xp • Windows Xp Service Pack • Word 97 • Xp Service Pack 2
October 27th, 2008 . by DarkFiber Consulting
Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.
Additional information regarding the Windows Server Service vulnerability is available in:
Posted in Security Alerts | No Comments »
Tagged With: Arbitrary Code Execution • Current • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Microsoft Security Bulletin • Server Service • Service Vulnerability • Vulnerability Note • Windows 2000 • Windows 2000 Xp • Windows Server • Workarounds
October 23rd, 2008 . by DarkFiber Consulting
Microsoft has released Security Bulletin MS08-067 to address a vulnerability in the Windows Server Service. This vulnerability is due to improper handling of specially crafted RPC requests. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletin MS08-067 and apply any necessary updates to help mitigate the risks.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Microsoft • Microsoft Security Bulletin • Necessary Updates • Server Service • Vulnerability • Windows Server