Microsoft announces 7 New Vulnerabilities
Today, Microsoft announced seven new product vulnerabilities - ranging from Moderate to Critical - along with patch information that impact both enterprise and consumer users. These newly announced vulnerabilities may be exploited remotely, which could allow denial-of-service attacks, and could result in the loss of confidential data. Symantec strongly advises users to apply security patches for these vulnerabilities immediately. Additionally, users and IT administrators should maintain firewalls and keep antivirus definitions up-to-date at all times.
"It is critical that users adhere to strict security best practices," said Vincent Weafer, senior director, Symantec Security Response. "Our security experts will continue to closely monitor for global activities for signs of attacks."
Please see below for detailed summaries of the top four vulnerabilities announced today.
1. Task Scheduler Vulnerability (841873) - Microsoft Security Bulletin MS04-022 http://www.microsoft.com/technet/security/bulletin/ms04-022.mspx
Overview/Risk: A remote code execution vulnerability exists in the Task Scheduler because of an unchecked buffer. A buffer is a program that resides in memory that accepts data from external sources. Unchecked buffers are programs that do not include commands to check that the data is valid.
If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take control of an affected system.
In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. An attack could only occur after a user has performed these actions.
Symantec Security Response has rated this threat at a High risk.
2. HTML Help Vulnerability (840315) - Microsoft Security Bulletin MS04-023 http://www.microsoft.com/technet/security/bulletin/ms04-023.mspx
Overview/Risk: The HTML Help vulnerability occurs because HTML Help does not completely validate input data.
If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take control of an affected system. As with the threat above, in a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability.
Symantec Security Response rates this threat as a High risk.
3. Windows Shell Vulnerability (839645) - Microsoft Security Bulletin MS04-024 http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx
Overview/Risk: A vulnerability in Windows Shell could allow remote code execution. Windows Shell is an add-on user interface for Windows.
If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges.
However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Symantec Security Response has rated this threat at a Medium risk.
4. IIS Redirection Vulnerability (841373) - Microsoft Security Bulletin MS04-021 http://www.microsoft.com/technet/security/bulletin/ms04-021.mspx
Overview/Risk: An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could exploit the vulnerability by creating a specially crafted message and sending the message to an affected system, which could then cause the affected system to execute code.
Symantec Security Response has rated this threat at a Medium risk.