Subscribe to Windows IT Pro

 

Get Newsletters

  • Get the Latest News
  • Product Updates
  • Helpful Tricks
  • Productivity Tips

Subscribe Now!

February 12, 2004 12:00 AM

More Security Patches On The Way for Microsoft Platforms

M Edwards
Windows IT Pro
InstantDoc ID #41761
Rating: (0)

Microsoft recently released a patch for problems with ASN.1 in its Windows operating systems. The patch took roughly half a year for Microsoft to test and release, which was probably due to the seriousness and wide-ranging affects of the problem – e.g. the company wanted to make sure the patch was stable.

The ASN.1 problem was discovered by researchers at eEye Digital Security, and it's not the only problem they've discovered that will be patched by Microsoft. At least seven more security patches on the horizon for Windows platforms.

According to eEye's research Web, the company has discovered and reported to Microsoft seven other high and medium level security problems. The most recent problem was reported February 9, 2004 and the earliest was reported September 10, 2003.

According to eEye the problems include four exploits that could allow local or remote intruders to gain access to a Windows operating system under the context of the System account; one exploit that would allow denial of service attacks that could cause a system to completely fail; and two exploits that can allow arbitrary code to execute. In an effort to protect the public at large eEye made no precise details of these problems available other than the general descriptions summarized above.

As is usually the case, Microsoft has made no comments regarding when patches for these particular problems might become available, however we can safely assume that the company is working on solutions.

Related Content:

ARTICLE TOOLS


Want to use this article? Click here for options!

Comments
Add A Comment
  • Steve Pellegrino
    8 years ago
    Feb 20, 2004

    If you are manually upgrading Win NT4.0 machines using ‘ IE/Windows Update’ beware that the ASN.1 Patch (KB82028) is not obvious. It does not show up in Critical Updates unless (KB823182)is already installed.

    On the 15 machines that I have patched so far I had to first explicitly select the (KB823182) patch before the ASN.1 Patch (KB82028) showed up as a Critical Update. The (KB823182) is not (by default) selected as a Critical Update and must be installed separately.

    To verify if the ANS.1 Patch has been installed check the WinNT folder for a folder labeled “$NtUninstallKB828028$”.
    This only happened on the WinNT 4.0 machines that I updated.

  • Errol Holt
    8 years ago
    Feb 18, 2004

    [Cumulative Security Update for Windows NT 4.0]
    I realize that Microsoft has repeatedly stated in
    the past that they will not produce a new Service
    Pack (SP7) for Windows NT 4.0 but does anyone else
    believe it is time for Microsoft to refresh one or
    both of the following updates?

    WinNT 4.0 Service Pack 6a (SP6a)

    Post-WinNT 4.0 SP6a Security Rollup Package (299444)

    WinNT 4.x SP6a dates back to 1999:
    http://www.microsoft.com/ntserver/ProductInfo/Bulletins/Sp6Mktbulletin.asp
    http://www.microsoft.com/ntserver/nts/downloads/recommended/SP6/

    The most recent cumulative update for WinNT 4.x
    is dated July 26, 2001 [2001-07-26]:

    299444 - Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)
    http://support.microsoft.com/default.aspx?scid=kb;en-us;299444
    http://www.microsoft.com/ntserver/nts/downloads/critical/q299444/

  • BitKeeper
    8 years ago
    Feb 12, 2004

    And we are to assume this is accecptable? I am past the point of being shocked OR ammuzed.

  • JULIE
    8 years ago
    Feb 12, 2004

    How many Security Patches is enough?

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

White Papers

Get your Windows 7 deployment off to the right start by implementing PC lockdown. A locked-down environment is easier and cheaper to support since users are less likely to make unnecessary changes to the core system configuration - read more here!

Essential Guides

Is your iSCSI "lossy"? The reality is that most off-the-shelf Ethernet hardware deployed for iSCSI can lose packets, resulting in slow performance or application downtime. Learn how to assess your current iSCSI infrastructure and engineer an advanced iSCSI SAN infrastructure.

Web Seminars

What's the best way to keep your network safe from malware? In this web seminar, security expert Greg Shields suggests an alternative method to the traditional blacklisting approach that is common with anti-virus and anti-malware solutions.

eLearning Series

We bring the experts direct to you to share their real-world perspective and expertise. During each event, three sessions stream in real time, so you can learn, ask questions, and get solutions.
Upcoming event: Getting the Most with Exchange 2010 with Paul Robichaux

Subscribe to Windows IT Pro!

Cloud IT Pro DevProConnections Left-Brain Mobile Dev Pro SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.