Network Associates Mcafee Security Protects Against Three New Microsoft Windows Vulnerabilities Disclosed Today
- 11 February, 2004 11:11
<p>Sydney, 11 February 2004— Network Associates, the leading provider of intrusion prevention solutions, today announced that it provides comprehensive system and network protection for the MS04-005, MS04-006 and MS04-07 vulnerabilities announced by Microsoft Corporation today. These vulnerabilities have been reviewed by McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team) security research teams at Network Associates. Based on its findings, McAfee AVERT recommends that users confirm the Microsoft product versioning outlined below in the Microsoft bulletin to ensure protection and to update or deploy the solutions outlined below.</p>
<p>Microsoft Vulnerabilities Overview
• MS04-005: Vulnerability in Virtual PC for Mac Could Lead to Privilege Elevation (835150)
• MS04-006: Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)
• MS04-007: ASN .1 Vulnerability that Could Allow Code Execution (828028)</p>
<p>Scope of Potential Compromises
These vulnerabilities range in scope from a vulnerability in Microsoft Virtual PC for Mac, which could lead to privilege elevation, a vulnerability in WINS, which could allow code execution and cause a denial of service on Windows Server 2003, to an ASN.1 vulnerability, which could allow an attacker to take any action on a user's system, including installing programs, viewing or changing data, and creating new accounts with full privileges.</p>
<p>More information on the vulnerabilities can be found at http://vil.nai.com/vil/content/v_101003.htm and http://www.microsoft.com/security/security_bulletins.</p>
McAfee Entercept, by default, protects users against execution of injected code due to a buffer overflow/overrun vulnerability such as the MS04-006 and MS04-007 vulnerabilities. This protection functions whether or not the machine has the latest security patch installed.
McAfee IntruShield signature sets 1.5.31 and 1.8.18 or later will be updated to include detection for the MS04-006 and MS04-007 vulnerabilities. With the new signature set, McAfee IntruShield deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks.</p>
<p>McAfee Desktop Firewall stops the MS04-006 by blocking TCP port 42 at the firewall.
Filters for the MS04-006 vulnerability have been created for Sniffer Distributed, Sniffer Portable and the Netasyst network analyzer to alert network managers to the presence of malicious traffic traveling in the network specific to these vulnerabilities and potential exploits.</p>
<p>McAfee Threatscan users should update both the server and agent signatures to provide protection for the MS04-006 and MS04-007 vulnerabilities. Microsoft users can update their affected systems with the necessary patches available on the Microsoft web site at http://www.microsoft.com/security/security_bulletins.</p>
<p>McAfee AVERT Labs is one of the top-ranked anti-virus and anti-vulnerability research organizations in the world, employing more than 90 researchers in offices on five continents. McAfee AVERT protects customers by providing cures that are developed through the combined efforts of McAfee AVERT researchers and McAfee AVERT AutoImmune technology, which applies advanced heuristics, generic detection, and ActiveDAT technology to generate cures for previously undiscovered viruses.</p>
For further information, please contact:
Telephone: 02 9761 4229</p>
<p>With headquarters in Santa Clara, California, Network Associates, Inc. (NYSE: NET), creates best-of-breed computer security solutions that prevent intrusions on networks and protect computer systems from the next generation of blended attacks and threats. Offering two families of products, McAfee System Protection Solutions, securing desktops and servers, and McAfee Network Protection Solutions, ensuring the protection and performance of the corporate network, Network Associates offers computer security to large enterprises, governments, small and medium sized businesses, and consumers. For more information, Network Associates can be reached on the Internet at http://www.networkassociates.com/.</p>
- Surge in cryptocurrency-mining malware heralds bigger problems for CSOs
- Intel touts new Spectre-resistant Cascade Lake chips later this year
- “Truly frightening” IoT security should motivate CSOs to reconsider their endpoint strategies
- The Five Stages of Data Breach Grief
- Are Spectre and Meltdown just hype?