RealTime IT News

Microsoft Plugs Three More Security Holes

Software behemoth Microsoft on Wednesday issued patches for three security holes detected in the Windows platform, including a "critical" vulnerability that could allow code execution.

Research firm ISS X-Force raised its alert level to AlertCon 2 for the buffer overflow vulnerability in the RPC Interface, warning that it poses an "enormous threat."

"Exploitation of this vulnerability should not be considered trivial, due to the potential impact, threats could quickly surface," X-Force said.

Microsoft issued a patch for the vulnerability, which affects Windows NT 4.0, Windows NT 4.0 Terminal Services Edition, Windows 2000, Windows XP and Windows Server 2003.

It is the first "critical" flaw discovered and fixed in the new Windows Server 2003.

The Remote Procedure Call (RPC) protocol provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on a remote system. The security hole was detected in the section of RPC that deals with message exchange over TCP/IP, Microsoft explained.

"An attacker who successfully exploited this vulnerability would be able to run code with Local System privileges on an affected system. The attacker would be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges," according to the alert.

Separately, Microsoft issued a warning for an unchecked buffer in Windows Shell that could allow system compromise. The flaw, which only affects Windows XP, carries an "important" rating.

The company said an unchecked buffer exists in one of the functions used by the Windows shell to extract custom attribute information from certain folders. A security vulnerability results because it is possible for a malicious user to construct an attack that could exploit this flaw and execute code on the user's system.

A third security alert was also released for a cross-site scripting vulnerability found in error pages that are returned by the Internet Security and Acceleration (ISA) Server 2000. That flaw also carries an "important" rating.