Microsoft Issues New Batch Of Security Updates - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications

Microsoft Issues New Batch Of Security Updates

The bulletins cover flaws found in ISA Server 2000, Exchange Server 2003, and Windows.

Microsoft on Tuesday released three security bulletins to secure flaws discovered in ISA Server 2000, Exchange Server 2003, and Windows. The most severe flaw, rated as critical by Microsoft, is in ISA Server 2000.

The Microsoft Internet Security and Acceleration Server 2000 flaw, detailed in bulletin MS04-001, is located in the application's H.323 filter; if left unpatched, it could place the app at risk for a buffer-overflow attack against its firewall. If successful, the attacker could gain complete control over the system, Microsoft warns in its bulletin. The H.323 filter is turned on by default on servers running ISA Server 2000 in firewall or integrated mode.

The second flaw, detailed in bulletin MS04-002, is rated moderate by Microsoft. The flaw appears difficult to exploit, but would let attackers access certain E-mail boxes of customers using Exchange 2003 front-end server and Outlook Web Access. Microsoft says the flaw causes "random and unreliable" access to mailboxes that have been recently accessed via Outlook Web Access.

The third vulnerability affects Microsoft Data Access Components, a collection of components that provide database connectivity on systems running the Windows operating system. As detailed in bulletin MS04-00, the flaw has been found in MDAC versions 2.5, 2.6, 2.7, and 2.8, which are included with Windows 2000, SQL Server 2000, Windows XP, and Windows Server 2003, respectively. This flaw could allow the comprise of these systems and let an attacker run malicious code on an at-risk system.

Microsoft urges its customers to update their systems quickly.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
10 Top Cloud Computing Startups
Cynthia Harvey, Freelance Journalist, InformationWeek,  8/3/2020
How Enterprises Can Adopt Video Game Cloud Strategy
Joao-Pierre S. Ruth, Senior Writer,  7/28/2020
Conversational AI Comes of Age
Guest Commentary, Guest Commentary,  8/7/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
Special Report: Why Performance Testing is Crucial Today
This special report will help enterprises determine what they should expect from performance testing solutions and how to put them to work most efficiently. Get it today!
Flash Poll