From: dgoulet@vicr.com
Date: Wed, 02 May 2001 10:47:44 -0700
Subject: IIS 5.0 on Win2K from InfoWeek

** MS Warns Of Serious Vulnerability

Microsoft is warning that an "extremely serious" flaw in Windows 2000 could enable a cracker to control any system running Internet Information Services (IIS) 5.0 software that ships with the operating system. Earlier versions are not affected.

"Upgrade the patch before you read the bulletin [http://update.informationweek.com/cgi-bin4/flo?y=eDaq0BdFGA0V20NU30A6]," warns Scott Culp, a Microsoft security program manager. Culp says an unchecked buffer in the services that support Internet printing capabilities causes the vulnerability. He adds that users who turn off the printing services are not vulnerable.

The extent of the vulnerability is severe. "There is virtually nothing a malicious hacker couldn't do to an exploited system," Culp says.

Microsoft says it has distributed information about the vulnerability and started contacting certain customers before the company released the patch at 1 p.m. EDT Tuesday. A security software firm, eEye Digital Security, notified Microsoft of the vulnerability 10 days earlier.

Gartner analyst John Pescatore says a large portion of Windows 2000 users probably have not turned off the affected services and should either do so or install the patch immediately. Pescatore says Microsoft made a critical error. "IIS has been a cancer on Windows 2000," he says. "Including that code in the Windows 2000 base vs. it being a separate application was a huge mistake."

- George V. Hulme

For related stories, see:

Windows 2000 Security Represents A Quantum Leap
http://update.informationweek.com/cgi-bin4/flo?y=eDaq0BdFGA0V20NU40A7

Security: The Enemy Within
http://update.informationweek.com/cgi-bin4/flo?y=eDaq0BdFGA0V20NU50A8

Microsoft Warns of Spoofed Certificates
http://update.informationweek.com/cgi-bin4/flo?y=eDaq0BdFGA0V20NU60AA