Microsoft patches critical vulnerabilities14/04/2004 Written by G00db0y
After 200 days, Microsoft has released four patches to fix multiple vulnerabilities affecting its products. The critical discoveries include dangerous flaws in Remote Procedure Call (RPC): RPC Runtime Library Vulnerability (CAN-2003 – 0813), RPCSS Service Vulnerability (CAN-2004 – 0116), COM Internet Services (CIS) — RPC over HTTP Vulnerability (CAN-2003 – 0807) and Object Identity Vulnerability (CAN-2004 – 0124).
According to Microsoft an attacker who is able to exploit these vulnerabilities could take full control of the affected system. He could then do whatever he wants on the vulnerable system; he will be able to install programs, viewing, changing or deleting data and, of course, to create new accounts on the system. Microsoft released an advisory for these problems, you can see it here:
Microsoft patched also a problem that affects MHTML (CAN-2004 – 0380). According to Microsoft an attacker can execute a remote code by using a specially crafted MHTML URL. He will run code in the Local Machine security zone in Internet Explorer. An attacker, in this way, will take full control of an affected system. Advisory:
A buffer overrun vulnerability that affects Microsoft Jet Database Engine (JET) was also patched by Microsoft. This vulnerability could allow remote code execution on a vulnerable system. (CAN-2004 – 0197) Advisory:
Last but not least Microsoft released a patch for multiple vulnerabilities that are affecting multiple services on their products. (LSASS, ASN, LDAP, PCT, Winlogon etc). An attacker who is able to exploit these vulnerabilities can take full control of an affected system. Advisory:
All these critical vulnerabilities, if left unpatched, can allow an attacker to take complete control of an affected system.
Zone-h recommends that everybody applies the update as soon as possible… Blaster 2 is coming!