Financial Applications Security Weblog
Secure Applications for Open Markets
April 2002
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        
Mar   May

Home
Advisories
Web Services
Web Servers
Middle Tier
Databases
Mobile
Identification
Investment Banking Technologies
Retail Banking
Payment Systems
XML




Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.

Click on the coffee mug to add Pelle Braendgaard's Instant Outline to your Radio UserLand buddy list. 		 
 

01 April 2002
 

While we're on the subject of MS holes...

I'm not going to be covering these IE holes regularly as they are already heavily published elsewhere and MS are doing a pretty good job now a days at getting them out to users. But a couple of new problems are now covered by their latest IE Cumilative Patch. If you are using any IE5 or up on your machine or as part of the standard windows build in your company, you probably should install the patch.

I'm not blaming MS for these holes, as I've said they've started to do a pretty good job. They did have some stupid ones in the past, but we can work with them now. In a complex piece of software like IE6, which consists of many different subcomponents its hard to find all of the problems up front.

That said, these problems together with last years email panics, should help to underline why we need to protect our systems more than ever. The default approach I see many places is that companies panic and shut down net traffic all together. Thats not good for the business, the employees or the customers of the company. We are all part of the net now, and we should embrace that fact as an opportunity rather than a threat. What that does call for though is well thought out business applications and procedures.

 


6:32:54 PM      comment []  

Local Security Vulnerability in Windows NT and Windows 2000

DebPloit uses a hole in the NT/2000 debugging subsystem and allows ANY user
with ANY privileges (even Guest and Restricted user) to execute processes in
the security context of an administrator or a local system (SYSTEM) account.
In other words, any person who have an access to the local computer can
became an administrator and do everything he/she wants. [Bugtraq]

This could obviously  be an issue anywhere where NT Servers are used. I've verified it and it appears to work. The Authors of the exploit have an intermediate fix as well untill MS comes out with a bugfix. The source is available for the fix, so you might want to check it and compile it yourself. The risk of installing a third party fix like this might be even greater than the hole itself. You call the punches.

 


6:16:36 PM      comment []  


© Copyright 2002 Pelle Braendgaard.
Last update: 01/04/2002; 18:16:36. <