Tech Tip: Stay on top of Microsoft security bulletins

by Guest Contributor | Mar 12, 2004 4:04:00 PM

Tags: Guest Contributor, Windows Server 2003 Tips Newsletter

Takeaway:

In October 2003, Microsoft released a number of critical security bulletins relating to Windows Server 2003. One critical--and easily exploited--bug involves the Windows Messenger service that's responsible for delivering pop-up messages to users.

A buffer overrun vulnerability in this service allows remote hackers to execute code under the privileges of the local system. For more information, check out Microsoft Security Bulletin MS03-043.

A second flaw that could result in remote code execution lies in the Authenticode service. A potential hacker could exploit this vulnerability via social engineering--either by convincing users to visit a Web site that asks for permission to install an ActiveX control that takes advantages of the flaw or via an HTML-formatted e-mail.

If you're using Internet Explorer 6 in high security mode on your Windows Server 2003 system (the default IE configuration), you're not vulnerable to this exploit. Because of the default behavior in IE on Windows Server 2003, Microsoft rated this vulnerability Moderate. For more information, check out Microsoft Security Bulletin MS03-041.

Rounding out the list is another vulnerability that allows remote code execution of the attacker's choice. This buffer overrun vulnerability lies in the Windows Help and Support center.

Potential hackers can exploit this flaw via a URL that users click, and it can be in the form of a Web page or an HTML e-mail message. For more information, check out Microsoft Security Bulletin MS03-044.