
March 10th, 2009

Microsoft fixes critical Windows kernel, WINS flaws

Posted by Ryan Naraine @ 4:12 pm

Categories: Arbitrary Code Execution, Botnets, Browsers, Denial of Service (DoS), Exploit code, Microsoft, Passwords, Patch Watch, Phishing, Privacy, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Flaw, Vulnerability, WINS, Microsoft Corp., Kernel, Bulletin, Microsoft Windows, Operating Systems, Security, Software

Microsoft today shipped three security bulletins with fixes for at least 8 documented vulnerabilities affecting millions of Windows OS users.

The most serious of this month’s patch batch is rated “critical” and could allow full remote execution attacks if a Windows user is simply lured into viewing a booby-trapped image file.

The skinny on the March 2009 bulletins:

  • MS09-006 (CRITICAL): Provides cover for three newly discovered and privately reported vulnerabilities in Windows, which could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system. These vulnerabilities affect all versions of Windows, including Vista and Windows Server 2008. Microsoft expects to see exploit code for these flaws but reckons the reliability will be “inconsistent.”
  • MS09-007 (IMPORTANT): This bulletin includes a patch for a solitary vulnerability in Windows, which could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Again, Microsoft says “inconsistent exploit code” is likely. The bulletin is available for all versions of Windows, from Windows 2000 through Windows Server 2008.
  • MS09-008 (IMPORTANT): This update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows, which could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems. Microsoft says the patches correct the way that Windows DNS servers cache and validate queries, and modify the way that Windows DNS servers and Windows WINS servers handle WPAD and ISATAP registration. For these issues, Microsoft warns that “consistent exploit code” is likely.
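
An added example (not from the article or from Microsoft): a defender-side audit that scans an exported DNS zone listing for the `wpad` and `isatap` host names covered by MS09-008 and reports every record that does not point at an approved address. The `name type data` export format, the `corp.example` origin, the sample records and the approved addresses are constructed assumptions.

```python
import ipaddress

# Host labels whose registration handling MS09-008 changes (per the bulletin summary).
SENSITIVE_LABELS = {"wpad", "isatap"}

# Constructed sample zone export, one "name type data" record per line (not real data).
SAMPLE_ZONE = """\
; zone corp.example (constructed)
www       A      10.0.0.10
wpad      A      10.0.0.5
WPAD      A      10.0.7.23
isatap    CNAME  laptop-417.corp.example.
isatap.corp.example.  AAAA  2001:db8::5
wpadding  A      10.0.0.77
"""

def relative_label(name, origin):
    """Lower-case a record name and strip the zone origin from fully qualified names."""
    name = name.lower()
    if not name.endswith("."):
        return name
    fqdn, suffix = name.rstrip("."), "." + origin.lower().rstrip(".")
    return fqdn[: -len(suffix)] if fqdn.endswith(suffix) else fqdn

def audit_zone(zone_text, origin, approved):
    """Return (label, type, data, reason) for wpad/isatap records needing review."""
    approved_ips = {ipaddress.ip_address(a) for a in approved}
    findings = []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, then tokenize
        if len(fields) != 3:
            continue
        label, rtype, data = relative_label(fields[0], origin), fields[1].upper(), fields[2]
        if label not in SENSITIVE_LABELS:       # exact match: "wpadding" is ignored
            continue
        if rtype not in ("A", "AAAA"):
            findings.append((label, rtype, data, "indirect record, resolve and review"))
            continue
        try:
            known = ipaddress.ip_address(data) in approved_ips
        except ValueError:
            known = False                       # malformed address is itself a finding
        if not known:
            findings.append((label, rtype, data, "address not on approved list"))
    return findings

if __name__ == "__main__":
    for finding in audit_zone(SAMPLE_ZONE, "corp.example", ["10.0.0.5", "2001:db8::5"]):
        print(finding)
```
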

Windows users should treat the “critical” bulletin with the highest possible priority.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.



Talkback

Most Recent of 92 Talkback(s)

RE: Microsoft fixes critical Windows kernel, WINS flaws
well that being said is quite true :P
never really thought of that but yet it's the smallest things that really count in the end....
Posted by: xKryptx Posted on: 03/18/09
