Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

May Security Vulnerabilities

Earlier this week, Microsoft released a couple of patches on its standard monthly schedule. These patches are designed to plug a couple of critical security flaws, including what appears to be a very serious problem with Microsoft Exchange Server.

The two Windows flaws are not terribly serious, in my opinion. One, MS06-020, is rated “Critical” and plugs a problem with the Flash player. So, technically, this isn’t a problem with Windows but with Flash, and Adobe has also released a security bulletin. The second, MS06-018, fixes a flaw with the Distributed Transaction Coordinator (DTC). This flaw can only cause a Denial of Service (DoS) condition and can be blocked at perimeter firewalls (but this, of course, won’t protect against internal threats).

Other related security advisories:

Secunia: Microsoft Distributed Transaction Coordinator Two Vulnerabilities

Secunia: Microsoft Windows Flash Player Code Execution Vulnerabilities

However, it is the Microsoft Exchange Server vulnerability, MS06-019, that is more troubling. Remotely exploitable via anonymous connections (such as SMTP), this vulnerability is ripe for an automated worm. What’s worse, typical perimeter firewall protections won’t help and no user intervention is required. Simply getting spammed may be sufficient to affect your server! This is one patch to get installed as quickly as possible (after appropriate testing has occurred, of course).

Read the Secunia advisory on the Exchange flaw here.

Also, a third party has uncovered an additional flaw in Windows that has not yet been patched. This vulnerability affects compiled Help files (see more detailed information). This one requires user intervention, so it isn’t quite as likely to spread via a worm.
