Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Update: Microsoft patches 11 bugs

Put the critical Active Directory vulnerability at 'top of the list,' say experts

July 10, 2007 12:00 PM ET

Computerworld - Microsoft Corp. today issued six security updates for Windows, Office and the .Net Framework, patching a total of 11 vulnerabilities -- five of them rated critical.

The most serious of the batch is MS07-039, said security analysts who, unlike last month, had no trouble naming that critical update as the one which should be patched first.

"By far, this is the top of the list this month," said Andrew Storms, director of security operations at nCircle Network Security Inc.

MS07-039 patches a pair of bugs in Active Directory in Windows 2000 Server and Windows Server 2003, the two supported server editions of Microsoft's operating system. The most dangerous of the two is a vulnerability in the way Active Directory validates an LDAP (Lightweight Directory Access Protocol) request. According to Microsoft's write-up, "an attacker who successfully exploited this vulnerability could take complete control of an affected system."

"Definitely at the top of today's list," agreed David Dewey, a researcher with IBM Internet Security Systems' X-Force team. "It's definitely exploitable."

Dewey should know, since it was a colleague at ISS, Neel Mehta, who discovered the flaw last summer. "Neel's created proof-of-concept code in-house during the time we worked on this with Microsoft," said Dewey.

"It would certainly be worth the effort" to exploit this, added Storms. "Active Directory is in the center of every Windows network. There's a lot in there, including the group policy objects that set security -- and everything about every user."

Unlike most vulnerabilities, the Active Directory bug can be exploited without any user interaction, and on Windows 2000 Server, the older of the two operating systems, it can be attacked by an anonymous user. Although Windows Server 2003 may look safer at first glance -- an attacker must have valid credentials to exploit the bug on that edition -- looks can be deceiving, said Tom Cross, another X-Force researcher.

"In this case, the authentication requirements become less important," said Cross. "Anyone on the network -- an employee, for example -- would by definition have credentials." Worse, said Cross, is that outside attackers could exploit this without a lot of trouble by bundling an MS07-039 exploit with a multistrike attack that figures on compromising some fraction of enterprise laptops while they're outside the network. Once back inside the enterprise's perimeter, the Active Directory exploit could fire up -- using the credentials of the hijacked notebook -- to grab systems running the supposedly more secure Windows Server 2003.

Two of the remaining five bulletins were pegged "critical" by Microsoft, while another two were marked "important." The final update was tagged as "moderate."



Jump to comments

Microsoft

Additional Resources

Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

White Papers & Webcasts

Death to PST Files
Download Now  

Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".

eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!  

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...


IT Jobs