Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

VULNERABILITY ADVISORY: McAfee Security Protects Against Three New Microsoft Windows Vulnerabilities

  • 10 March, 2004 13:59

<p>McAfee Protection-In-Depth Strategy Provides System and Network Protection to Identify and Block Potential New Attacks</p>
<p>SYDNEY, March 10, 2004 — Network Associates, the leading provider of intrusion prevention solutions, today announced that it provides system and network protection for the MS04-008, MS04-009 and MS04-010 vulnerabilities announced by Microsoft Corporation today. These vulnerabilities have been reviewed by McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team) security research teams at Network Associates. Based on their findings, McAfee AVERT recommends that users confirm the Microsoft product versioning outlined below in the Microsoft bulletin to ensure protection and to update or deploy the solutions outlined below.</p>
<p>Microsoft Vulnerabilities Overview</p>
<p>• MS04-008 - Vulnerability in Windows Media Services Could Allow a Denial of Service (832359)</p>
<p>• MS04-009 - Vulnerability in Outlook Could Allow Code Execution (828040)</p>
<p>• MS04-010 - Vulnerability in MSN Messenger Could Allow Information Disclosure (838512)</p>
<p>Scope of Potential Compromises</p>
<p>These vulnerabilities range in scope from a vulnerability in Windows Media Services, which could allow a Denial of Service (DOS) attack that would make the machine stop responding to requests by the user, to a privilege escalation vulnerability in Outlook 2002, which could allow Internet Explorer to execute code in the Local Machine Zone on an affected system, to an MSN Messenger information disclosure vulnerability, which could allow the attacker to view the contents of the files on the hard drive without the user’s knowledge if the attacker knew the exact location of the file.</p>
<p>More information on the vulnerabilities can be found at and</p>
<p>McAfee Solutions</p>
<p>The McAfee AVERT DAT files, version 4336, will be posted on March 11, 2004 and will contain new signatures to detect certain MS03-009 exploits that may use the sample exploit code used to discover these threats. Extra.dats are available to those users who believe they are in need by sending email to</p>
<p>McAfee Desktop Firewall stops the MS04-008 by blocking TCP port 7007 and 7778 at the firewall. This will help prevent systems that are behind the firewall from being attacked by attempts to exploit this vulnerability.</p>
<p>Filters for the MS04-008 vulnerability have been created for Sniffer Distributed, Sniffer Portable and the Netasyst network analyzer to alert network managers to the presence of malicious traffic traveling in the network specific to these vulnerabilities and potential exploits.</p>
<p>McAfee ThreatScan users should update both the server and agent signatures to provide protection for the MS04-008 vulnerability. Microsoft users can update their affected systems with the necessary patches available on the Microsoft web site at</p>
<p>McAfee AVERT Labs is one of the top-ranked anti-virus and vulnerability research organizations in the world, employing more than 100 researchers in offices on five continents. McAfee AVERT protects customers by providing cures that are developed through the combined efforts of McAfee AVERT researchers and McAfee AVERT AutoImmune technology, which applies advanced heuristics, generic detection, and ActiveDAT technology to generate cures for previously undiscovered viruses.</p>
<p>With headquarters in Santa Clara, California, Network Associates, Inc. (NYSE: NET), creates best-of-breed computer security solutions that prevent intrusions on networks and protect computer systems from the next generation of blended attacks and threats. Offering two families of products, McAfee System Protection Solutions, securing desktops and servers, and McAfee Network Protection Solutions, ensuring the protection and performance of the corporate network, Network Associates offers computer security to large enterprises, governments, small and medium sized businesses, and consumers. For more information, Network Associates can be reached on the Internet at</p>
<p>NOTE: Network Associates, McAfee, ThreatScan, Sniffer and AVERT are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the United States and/or other countries. Sniffer® brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. ©2004 Networks Associates Technology, Inc. All Rights Reserved.</p>
<p>For further information or comment, please contact:</p>
<p>Allan Bell at Network Associates on 02 9761 4229, or 0412 411 929.</p>

Most Popular