Windows 98 support extended. Reports of SQL Slammer, Solaris TTYPROMPT compromises
Windows 98 Support Extended
The ZD Net news service is reporting that Microsoft has announced a reprieve for the discontinuance of support for Windows 98. Organizations should use this extra time to plan a migration path away from Windows 98 in order to continue receiving security updates and patches in the future.
Link:
http://news.zdnet.co.uk/software/windows/0,39020396,39119028,00.htm
SQL Slammer Activity
One organization reported a recent increase in the number of SQL Slammer infections. Just a reminder that SQL Slammer is still a very real threat if you are running unpatched versions of MS SQL Server 2000 or the Microsoft Desktop Engine (MSDE). Microsoft patches MS02-039 and MS02-061 are needed to resolve the vulnerability exploited by SQL Slammer. Organizations should consider maintaining filters on routers and firewalls for UDP/1434 to stop SQL Slammer activity from entering and leaving your network.
Links:
http://www.cert.org/advisories/CA-2003-04.html
http://www.microsoft.com/technet/security/virus/alerts/slammer.asp
Solaris TTYPROMPT Exploits in use
At least one organization has reported Solaris 8 systems being exploited with the Solaris TTYPROMPT vulnerability. This vulnerability affects the Solaris telnet service and permits a remote attacker to gain access to privileged user accounts. SunSolve patch 110668-03 is needed to fix this vulnerability on Solaris 8. This vulnerability was announced on the BUGTRAQ mailing list on 18-JAN-2002.
Links:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F28063
http://www.securityfocus.com/bid/5531/info/
-Joshua Wright
The ZD Net news service is reporting that Microsoft has announced a reprieve for the discontinuance of support for Windows 98. Organizations should use this extra time to plan a migration path away from Windows 98 in order to continue receiving security updates and patches in the future.
Link:
http://news.zdnet.co.uk/software/windows/0,39020396,39119028,00.htm
SQL Slammer Activity
One organization reported a recent increase in the number of SQL Slammer infections. Just a reminder that SQL Slammer is still a very real threat if you are running unpatched versions of MS SQL Server 2000 or the Microsoft Desktop Engine (MSDE). Microsoft patches MS02-039 and MS02-061 are needed to resolve the vulnerability exploited by SQL Slammer. Organizations should consider maintaining filters on routers and firewalls for UDP/1434 to stop SQL Slammer activity from entering and leaving your network.
Links:
http://www.cert.org/advisories/CA-2003-04.html
http://www.microsoft.com/technet/security/virus/alerts/slammer.asp
Solaris TTYPROMPT Exploits in use
At least one organization has reported Solaris 8 systems being exploited with the Solaris TTYPROMPT vulnerability. This vulnerability affects the Solaris telnet service and permits a remote attacker to gain access to privileged user accounts. SunSolve patch 110668-03 is needed to fix this vulnerability on Solaris 8. This vulnerability was announced on the BUGTRAQ mailing list on 18-JAN-2002.
Links:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F28063
http://www.securityfocus.com/bid/5531/info/
-Joshua Wright
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments