In-Depth
Briefs: Microsoft Flaw, nCircle Update
Microsoft warns of critical security flaw, nCircle updates IP360 vulnerability management
Microsoft Warns of Critical Security FlawMicrosoft released details of a “critical” security flaw—a buffer overrun in an HTML converter that could allow code execution. The bug affects Microsoft Windows 98 (both versions), Me, NT 4.0 Server, and Terminal Server Edition, 2000, XP, and Windows Server 2003. The company urged administrators to apply the patch immediately.
The flaw arises from the way Microsoft Windows converts files from one format to another—in particular, the way built-in Windows support for HTML conversion handles a conversion request during a cut-and-paste operation.
A specially crafted request to the HTML converter could cause it to fail and run code under the aegis of the currently logged-on user.
The real danger comes from the way that Microsoft Internet Explorer also uses cut-and-paste conversion functionality. An attacker could craft a specially formed Web page or HTML e-mail that would cause the HTML converter to run arbitrary code on a user's computer. When a user visits an attacker’s Web site, the attacker could simply exploit the vulnerability without any other user action.
The patch is available at http://www.microsoft.com/technet; search for Security Bulletin MS03-023.
nCircle Updates IP360 Vulnerability Management
Vulnerability management software provider nCircle released version 5.4 of its IP360 vulnerability management system. The company says IP360 is the only vulnerability management system that uses continuous discovery to measure the vulnerabilities and exposures of all devices, systems, and applications on the network.
The software helps customers discover, assess, and protect IP-enabled devices throughout the enterprise. The latest version can identify almost 900 different devices. A new remediation workflow application helps companies manage the many steps needed to fix any discovered vulnerabilities. In addition, the software can assess for the well-known SANS Top 20 list of vulnerabilities to help organizations pinpoint especially critical vulnerabilities.
"Attempting to secure enterprise assets using reactive solutions like IDS [intrusion detection systems] is a considerable challenge," says Pete Lindstrom, research director at Spire Security. "nCircle's IP360 vulnerability management system provides a proactive solution to stop attacks before they start."
For more information, visit http://www.ncircle.com/.
About the Author
Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.