MS VoIP security warning
Microsoft has issued its first security patches of the new year, warning users about a critical vulnerability in a component of its Internet Security and Acceleration (ISA) Server used to control Internet protocol (IP) telephony traffic. Three bulletins have been posted on Microsoft’s website, including lower-priority patches for Exchange Server 2003 and the Microsoft Data Access Components (MDAC). H.323 is a protocol that is used by IP telephony applications to send audio and video over IP networks. A buffer overflow in a filter for the H.323 data packets, which is part of ISA Server 2000, could enable a malicious hacker to run their own code on vulnerable servers, which would potentially grant them total control over the system. Attackers would have to send a special H.323 packet that was designed to trigger the overflow, Microsoft said.
Alcatel management software revamped
Alcatel has announced enhancements to its OmniVista network management product, including the ability for network managers to configure and troubleshoot a network with the click of a button. The OneTouch enhancement to OmniVista worked with the Alcatel Operating System to help reduce the time needed for repetitious network administration tasks. The new features inside OmniVista are designed to enhance secure access with OneTouch control for switch administration policies. Resource Manager provides backup and restore capabilities for software images and configuration files. Trap Responder automatically notifies IT personnel of network problems and triggers automatic actions to address problems; A Locator allows network managers to find hostile network elements and could find network-attached hosts from third-party vendors.