NUEVOS PARCHES DE MICROSOFT

Cerrado
Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

NUEVOS PARCHES DE MICROSOFT

Mensaje por msc hotline sat » 14 Abr 2004, 16:23

McAfee nos informa de la publicación hoy de nuevos parches de Microsoft, según indica en su comunicado:



http://vil.nai.com/vil/content/v_101170.htm



que copio y pego a continuacion:



____________________





Vulnerability Name Risk Assessment

MS Vulnerabilities MS04-011 - 014 Corporate User : N/A

Home User : N/A







Vulnerability Information

Discovery Date: 04/13/2004

Origin: Microsoft

Length: N/A

Type: Vulnerability

SubType: Microsoft

Minimum DAT:

Release Date: N/A



Minimum Engine: 4.2.40

Description Added: 04/12/2004

Description Modified: 04/13/2004 10:53 AM (PT)

Description Menu

Vulnerability Characteristics

Symptoms

Method Of Infection

Removal Instructions

Variants / Aliases

Rate This page

Print This Page

Email This Page

Legend







Vulnerability Characteristics:

The following Microsoft vulnerabilities were announced on April 13, 2004.



MS04-011 - Security Update for Microsoft Windows (835732)

For Microsoft's details of this vulnerability please see:

http://www.microsoft.com/en/us/default.aspxtechnet/security/bulletin/ms04-011.mspx



MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)

For Microsoft's details of this vulnerability please see:

http://www.microsoft.com/en/us/default.aspxtechnet/security/bulletin/ms04-012.mspx



MS04-013 - Cumulative Security Update for Outlook Express (837009)

For Microsoft's details of this vulnerability please see:

http://www.microsoft.com/en/us/default.aspxtechnet/security/bulletin/ms04-013.mspx



MS04-014 - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

For Microsoft's details of this vulnerability please see:

http://www.microsoft.com/en/us/default.aspxtechnet/security/bulletin/ms04-014.mspx



Top of Page



Symptoms

N/A This description covers multiple Microsoft vulnerabilities that may potentially be exploited.

Top of Page



Method Of Infection

N/A



Top of Page



Removal Instructions

McAfee DAT Files

Generic detection for threats attempting to exploit MS04-013 (837009) is included in the 4351 DAT files as Exploit-MhtRedir.gen. Generic detection for threats attempting to exploit MS04-011 (CAN-2003-0907) is included in the 4351 DAT files as Exploit-HelpInject when running Script and Macro Heuristics.

McAfee Desktop Firewall

To help protect against the MS04-012 vulnerability (CAN-2003-0813, CAN-2004-0116, CAN-2003-0807) users should enforce the following rules:



Block TCP ports 135, 139, 445, 593

Block UDP ports 135, 137, 138, 445

Block all unsolicited inbound traffic on ports greater than 1024

Block any other specifically configured RPC port

Block, if installed, COM Internet Services (CIS) or RPC over HTTP, which listen on ports 80 and 443

To help protect against the MS04-011 vulnerability users should enforce the following rules:



CAN-2003-0533 - block UDP ports 135, 137, 138, 139, 445 and TCP ports 138, 139, 445, 593

CAN-2003-0663 - block LDAP TCP ports 389, 636, 3368, and 3369

CAN-2004-0117 - block TCP 1720, and 1503, both inbound and outbound

CAN-2004-0120 - block ports 443 and 636

McAfee Entercept

Entercept's buffer overflow protection protects against exploits targeting the following vulnerabilities



MS04-012 CAN-2003-0813

MS04-011 CAN-2003-0533

MS04-011 CAN-2003-0719

MS04-011 CAN-2003-0806

MS04-011 CAN-2003-0906

MS04-011 CAN-2004-0117

MS04-011 CAN-2004-0119

MS04-011 CAN-2004-0123

MS04-014

McAfee Intrushield

McAfee IntruShield stops attacks against multiple vulnerabilities disclosed in MS04-011 and MS04-012. The updated signatures are included in 1.5.37 and 1.8.25 signature sets or later, which will be available for download by April 15. McAfee IntruShield sensors deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks.



Sniffer Technologies

Filters for the MS04-011, and MS04-012 vulnerabilities have been created for Sniffer Distributed, Sniffer Portable and the Netasyst network analyzer to alert network managers to the presence of malicious traffic traveling in the network specific to this vulnerability and potential exploits.



MS04-011 Sniffer Filters.zip

MS04-012 Sniffer Filters.zip

McAfee Security Threatscan

McAfee Threatscan users should update both the server and agent signatures to provide protection for the MS04-011, MS04-012, MS04-013, and MS04-014 vulnerabilities. Ensure that all ThreatScan installations are updated to version (2004-04-13).



Threatscan 2.5 - ftp.nai.com/pub/security/tsc25/updates/winnt

Threatscan 2.0/2.1 - ftp.nai.com/pub/security/tsc20/updates/winnt



____________________



saludos



ms, 14-04-2004

Cerrado

Volver a “ALERTAS VIRICAS y utilidades de eliminacion”