Multiple Vulnerabilities in Microsoft Windows - 21 Apr 2004
Fourteen new vulnerabilities exist in Windows, the most serious of which could result in the remote execution of arbitrary code on the vulnerable system.
April 20, 2004
Reported April 13, 2004, by Microsoft.
VERSIONS AFFECTED
· Windows Server 2003
· Windows XP
· Windows 2000
· Windows NT Server 4.0 Service Pack (SP) 6a
· Windows NT Server 4.0, Terminal Server Edition (WTS) SP6
· Windows NT Workstation 4.0 SP6a
· Microsoft Windows Me
· Microsoft Windows 9x
· Microsoft NetMeeting
DESCRIPTION
Fourteen new vulnerabilities exist in Windows, the most serious of which could result in the remote execution of arbitrary code on the vulnerable system with SYSTEM privileges. These 14 vulnerabilities consist of:
· Local Security Authority Subsystem Service (LSASS) vulnerability
· Lightweight Directory Access Protocol (LDAP) vulnerability
· Private Communications Technology (PCT) vulnerability
· Winlogon vulnerability
· Metafile vulnerability
· Help and Support Center vulnerability
· Utility Manager vulnerability
· Windows Management vulnerability
· Local Descriptor Table vulnerability
· H.323 vulnerability
· Virtual DOS Machine (VDM) vulnerability
· Negotiate SSP vulnerability
· Secure Sockets Layer (SSL) vulnerability
· ASN.1 "Double Free" vulnerability
VENDOR RESPONSE
Microsoft has released Microsoft Security Bulletin MS04-011, "Security Update for Microsoft Windows (835732)," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
CREDIT
Discovered by Carlos Sarraute, Internet Security Systems, Ondrej Sevecek, Jouko Pynnönen, Brett Moore, Cesar Cerrudo, Ben Pryor, Erik Kamphuis, NSFOCUS Security Team, John Lampe, Foundstone Labs, Qualys and eEye Digital Security.