Home > Windows Security News > One patch for Active Directory is a doozy
Windows Security News:
EMAIL THIS LICENSING & REPRINTS

One patch for Active Directory is a doozy

By Serdar Yegulalp, Contributor
10 Jul 2007 | SearchWindowsSecurity.com

Advice for securing Windows
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

Microsoft's Patch Tuesday for July turned up a total of six aggregate problems, and the two most potentially dangerous problems are issues with Active Directory and the .NET Framework.

The biggest doozy of the bunch is probably the vulnerability in Windows Active Directory, found in Windows 2000 Server and Windows Server 2003 (all versions). Someone that has access to AD as an authenticated user could in theory craft an LDAP request that could bring Active Directory to its knees -- either by running an arbitrary payload or by just instigating a denial-of-service attack.

More news on AD flaw
Inside MSRC: Microsoft Server flaw should be given high priority

Before you panic, though, keep in mind that, again, it requires an authenticated user to pull it off. Microsoft does recommend only allowing authorized hosts to perform LDAP queries as an additional layer of safety. (Instructions on how to do that are in the Active Directory vulnerability article.)

Another patch release is a possible troublemaker for anyone running .NET applications on Internet Information Services [IIS]. They should pay close attention to a clutch of issues in .NET, all versions from 1.0 through 2.0, that make it possible for someone to remotely execute arbitrary code.

Specifically, this refers to the ASP.NET Null Byte Termination Vulnerability described in that article. The other .NET vulnerabilities are more desktop than server issues, but Microsoft treats them all as one here, so if you patch one you'll patch them all.

An issue with Excel affects, unfortunately, all editions of the program, although Office 2007 still seems to be faring a lot better than its predecessors when it comes to security issues. Ditto with Windows Vista: This month has turned up a Vista problem, but it's neither universal nor something that lends itself to actually taking control of a machine. That doesn't mean it should be taken lightly, however: As with all other Patch Tuesday releases, patch early and patch often.

Last of all, a Vista issue might allow an attacker to learn a little more about a machine behind the Windows Vista Firewall. It's not one that'll put too black a mark on Vista's security record, though, since the vulnerability in question isn't exposed by default on all Vista machines -- and it doesn't actually allow an attack per se.



Sound Off! -   Be the first to post a message to Sound Off!


Tags: Patch Management TipsAuthentication PatchesVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT DownloadsBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2004 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts