Reported April 13, 2004, by Microsoft.

VERSIONS AFFECTED

· Windows Server 2003
· Windows XP
· Windows 2000
· Windows NT Server 4.0 Service Pack (SP) 6a
· Windows NT Server 4.0, Terminal Server Edition (WTS) SP6
· Windows NT Workstation 4.0 SP6a
· Microsoft Windows Me
· Microsoft Windows 9x
· Microsoft NetMeeting

DESCRIPTION

Fourteen new vulnerabilities exist in Windows, the most serious of which could result in the remote execution of arbitrary code on the vulnerable system with SYSTEM privileges. These 14 vulnerabilities consist of:

· Local Security Authority Subsystem Service (LSASS) vulnerability
· Lightweight Directory Access Protocol (LDAP) vulnerability
· Private Communications Technology (PCT) vulnerability
· Winlogon vulnerability
· Metafile vulnerability
· Help and Support Center vulnerability
· Utility Manager vulnerability
· Windows Management vulnerability
· Local Descriptor Table vulnerability
· H.323 vulnerability
· Virtual DOS Machine (VDM) vulnerability
· Negotiate SSP vulnerability
· Secure Sockets Layer (SSL) vulnerability
· ASN.1 "Double Free" vulnerability

VENDOR RESPONSE

Microsoft has released Microsoft Security Bulletin MS04-011, "Security Update for Microsoft Windows (835732)," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by Carlos Sarraute, Internet Security Systems, Ondrej Sevecek, Jouko Pynnönen, Brett Moore, Cesar Cerrudo, Ben Pryor, Erik Kamphuis, NSFOCUS Security Team, John Lampe, Foundstone Labs, Qualys and eEye Digital Security.