News Stay informed about the latest enterprise technology news and product updates.

Microsoft releases four critical patch updates

The security patches Microsoft released Tuesday include four critical fixes for Windows and Content Management Server. One expert described two of the flaws as very wormable.

Microsoft released five new security updates Tuesday, four of them for critical flaws in Windows and Content Management...

Server. Attackers could exploit all of the flaws to take complete control of targeted machines, the software giant warned.

One security expert described two of the flaws as "very wormable" because they are server-side glitches attackers can exploit remotely without the user getting involved.

The new patches arrive as IT administrators continue to test and install the fix released last week in MS07-017, which addressed a widely-attacked flaw in the way Windows handles animated cursor (.ani) files.

Four critical updates
Microsoft described the critical flaws addressed Tuesday as those an attacker could exploit to take complete control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.

Windows ANI flaw:

Windows ANI patch problems reported: Some IT administrators are having trouble installing the Windows ANI patch. Meanwhile, the researcher who discovered the flaw said Firefox is also vulnerable.

Microsoft releases patch for Windows ANI flaw
: Security companies are seeing massive attacks against the Windows ANI zero-day flaw, prompting Microsoft to rush out a fix a week before Patch Tuesday.

Microsoft warns of Windows zero-day; third-party fix released: Attackers are exploiting a new zero-day flaw in Windows, Microsoft confirmed Thursday. eEye Digital Security has released a temporary patch.

MS07-018 fixes flaws in Microsoft Content Management Server 2001 Service Pack 1 and 2002 Service Pack 2. One problem is in how the server handles a specially crafted HTTP request. It is also prone to a cross-site scripting and spoofing vulnerability. If a malicious script is run, attackers could execute malicious code in the security context of the user. Microsoft did note that attempts to exploit this flaw require user interaction.

MS07-019 fixes a flaw in how the Windows Universal Plug and Play service handles specially crafted HTTP requests. The problem affects Windows XP Service Pack 2, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2.

Eric Schultze, chief security architect at Shavlik Technologies LLC, in Roseville, Minn., said the flaws in MS07-018 and MS07-019 are the most wormable holes he has seen in some time.

"Both are server-side attacks that could be remotely exploited over the Internet without the user doing anything," he said. "Every XP box on the planet is vulnerable to the Plug and Play flaw. Attackers will be very excited about these."

MS07-020 fixes a glitch in how the Microsoft Agent handles certain specially crafted URLs. This affects Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003, Windows Server 2003 Service Pack 1, Server 2003 Service Pack 2, Windows Server 2003 x64 Edition with Service Pack 1;Windows Server 2003 x64 Edition with Service Pack 2, Windows Server 2003 for Itanium-based Systems, Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems.

MS07-021 fixes flaws in how the Windows Client/Server Run-time Subsystem (CSRSS) handles error messages and connections during the startup and stopping of processes. The problems affect all versions of Windows, including Vista.

Important update
The software giant released an update rated important this month. MS07-022 fixes a privilege elevation vulnerability in the Windows Kernel due to incorrect permissions on a mapped memory segment. The flaw affects Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003, Windows Server 2003 Service Pack 1, and Microsoft 2003 Service Pack 2.

Schultze expects exploit code for all five issues to flood the Internet over the next few weeks. But MS07-018 and MS07-019 are the ones IT administrators should install first.

"I would patch the first two right away," he said. "If you have an XP system and the firewall isn't turned on, it may no longer be your XP system."

Dig Deeper on Microsoft Windows security



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.