Pre-emptive protection from ISS

The vendor claims its products and managed services will pre-emptively protect customers against all threats targeting these vulnerabilities. It also says that failure to protect systems will leave themselves vulnerable to threats that would have a serious impact for organisations.

  • E-Mail
By  Sarah Gain Published  February 13, 2005

Security leaders Internet Security Systems (ISS), has declared that it has pre-emptive protection available for all vulnerabilities announced by Microsoft. Of these vulnerabilities, ISS’ X-Force research and development team considers two to be a serious threat to enterprise organisations. They are the License Logging Service (LLS) Vulnerability (MS 05-010) and the Server Message Block (SMB) Client Vulnerability (MS 05-011). “Organisations using the affected Windows platforms should patch these high risk vulnerabilities immediately,” says Abe Mounce, director, X-Force research and development. “Successful exploitation of the SMB vulnerability or the LLS vulnerability can lead to the installation of malicious programs and even complete control over an affected system.” The vendor claims its products and managed services will pre-emptively protect customers against all threats targeting these vulnerabilities. It also says that failure to protect systems will leave themselves vulnerable to threats that would have a serious impact for organisations. If a user is logged on with administrator privileges, an attacker who successfully exploited these vulnerabilities could take complete control of an affected system, including installing malicious programs such as malware; viewing, changing, or deleting confidential information; or further network compromise. Windows uses the SMB protocol for sharing resources such as files and printers. The Windows SMB client contains multiple buffer overflow vulnerabilities, which can be triggered when an affected client queries an untrusted SMB server. Affected systems include Windows 2000 up to and including SP4, Windows XP up to and including SP2, and Windows Server 2003. LLS is a Microsoft-specific service designed to manage and track licensing for large installations of Windows products. The service contains several buffer overflow vulnerabilities that might be leveraged by an attacker to gain control of an affected server such as Windows NT4 and Windows 2000 Server. ISS has pre-emptively shipped network and server protection for these vulnerabilities to all its customers earlier last week, and they recommend that all other organisations should immediately install critical updates provided by Microsoft.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code