Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities

Article

Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities

Robert Westervelt, News Editor
SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Critical zero-day flaws in Microsoft Service Message Block (SMB) and zero-day vulnerabilities in Microsoft Internet Information Services Web server will be addressed by the software maker next week as part of its regularly scheduled release of updates across its product line.

Microsoft said the updates repairing the longstanding vulnerabilities would be among 13 bulletins released Tuesday. Eight Microsoft security bulletins are labeled critical and five important, according to the Microsoft Advance Notification issued Thursday.

MIcrosoft advisories:
Microsoft issues SMB vulnerability advisory, patch pending: With attack code widely available, companies could take steps to mitigate the threat. Windows 7 and Vista users are at risk.

Microsoft issues IIS FTP advisory, exploit code circulates: Exploit code is circulating for the FTP zero-day flaw in Microsoft IIS Web server.

"Usually we do not go into this level of detail in the advance notification but we felt that it is important guidance so customers can plan accordingly and deploy these updates as soon as possible," said Jerry Bryant Microsoft security program manager of Microsoft's decision to identify two of the advisories being addressed next week.

Microsoft issued an advisory early last month acknowledging that exploit code surfaced targeting SMB zero-day vulnerabilities. The SMB is used in Windows to communicate messages to devices on the network such as file sharing and communicating with printers. The exploit code targets SMV version 2 and was added to the Metasploit testing platform, initially enabling an attacker to remotely crash a computer. Updated code enables an attacker to distribute malware on Windows Vista Service Pack 1 and 2 as well as Windows 2008 SP1 server. A one-click "fix-it" workaround was made available temporarily disabling the SMB until a patch is released.

A bulletin will also be released addressing a second Microsoft serious vulnerabilities in Microsoft IIS and the availability of exploit code circulating that could enable an attacker to exploit the flaw. According to an advisory issued Sept. 1, the flaws affect Microsoft IIS version 5.0, 5.1 and 6.0, leaving the Web server vulnerable to an FTP attack.

In all, the bulletins address 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server. Microsoft said most of the updates will require a restart.


Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top