Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!


22 new security flaws discovered in Windows products

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

October 13, 2004

Microsoft just published 10 new software security advisories, warning corporate administrators and Windows users of no less than 22 new security holes that affect the company's range of products. The advisories, and patches published with the bulletins, range from an "important" flaw affecting only Microsoft Windows NT Server to a collection of eight security holes, including three rated "critical".

Many of the security flaws leave Internet Explorer open to attack.

Microsoft's highest severity rating for software flaws is its "critical" ranking, while "important" is considered slightly less severe.

Leasing links to your website will boost your search engine visibility
By leasing quality links to your website, you will substantially increase your site's visibility in today's major search engines. Click here for all the details.

One flaw, in Microsoft Excel, even affects Apple Computer's Mac OS X.

The abundance of flaws could leave corporate PCs vulnerable to attack if administrators are not able to patch quickly. A similar situation occurred in April, when Microsoft published seven advisories detailing 20 flaws. While one security hole stood out among those 20--and led to the widespread Sasser worm--there are no standouts in the current gaggle of goofs.

"Our challenge is trying to guess what the criminals are going to attack," said Stephen Toulouse, security program manager for Microsoft's security response team. "The guidance we are giving in general is to treat the critical ones first."

A single computer would not be vulnerable to all the flaws, Toulouse added.

Oliver Friedrichs, senior director of Symantec's security response center, said three vulnerabilities could lead to a Sasser-like worm, but the danger is lessened by the fact that the vulnerable services are not started by default on most versions of Windows.

These flaws are related to three network protocols that are not generally activated on Windows computers: Simple Mail Transfer Protocol (SMTP), Network News Transfer Protocol (NNTP), and Network Dynamic Data Exchange (NetDDE).

"Blaster and Sasser targeted core system vulnerabilities, where if you didn't have the patch you were vulnerable," Friedrichs said. "The key thing here is that these are not (generally) enabled by default.The question is how large is the deployment of vulnerable systems."

Microsoft rates the SMTP flaw critical only for Microsoft Exchange Server 2003. The NNTP flaw is rated critical for Microsoft Exchange 2000.

The other major class of flaws are those that affect applications on desktop computers, such as Internet Explorer and Excel. Threats to so-called client-side applications have been growing, Friedrichs said.

Of the current crop of vulnerabilities, 12 fall into that category. Of these, Microsoft rated five critical: three of the eight vulnerabilities in Internet Explorer, as well as two flaws in Excel.

Several of the flaws could be used to create Web content that would run a program from the Internet, if a victim could be lured to the malicious Web site.

Get your advertorials and infomercials written by experts.
The exact wording of your advertorial or infomercial is important to the success of your business. Get it written by the professionals at Advertorial.org -- Click here to learn more.

Symantec raised its overall Internet Threat Condition to 2 from 1, on account of the newly released vulnerabilities.

Microsoft has also re-released a patch from last month's graphics vulnerability, fixing a conflict with Windows XP Service Pack 2.

Source: C-Net News


Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


Back to the top of the page.         

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca 2003    Terms of use    Privacy agreement    Legal disclaimer