TSC Tech Alerts

MS05-039: New Microsoft Security  Vulnerabilities

(August 17, 2005)

Introduction

Microsoft has released a patch and security bulletin, MS05-039, to protect against a number of newly-discovered vulnerabilities in Windows operating systems.  Microsoft has released patches for all effected operating system versions, and you will need to install the patch outlined in MS05-039 on all relevant systems you own or manage as soon as possible. 

Numerous exploits have been released on the Internet targeting this vulnerability.  It is critical to update machines as quickly as possible.

Description

Most of these worms spread by exploiting a recent Microsoft vulnerability, spreading from machine to machine with no user intervention required.  Therefore, if you don't have the patch, your machine WILL be infected.

An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

Microsoft recommends that customers apply the update immediately.

Prevention

Install the patch outlined in MS05-039 on all relevant systems you own or manage.  After patching your system, it is recommended that you run Windows Update at least weekly, or set it up to run automatically, to keep your system up-to-date with security patches.  It is also important to update the "dat" files for your virus protection software.  See www.iup.edu/tsc/mcafee for information on downloading these critical files.

Removal

If you are concerned that you may have this virus on an IUP PC, please contact the person or group responsible for your computing support.

To address an infected machine, following the guidelines provided at any of reference sites noted below.   Note that you should remove the virus and apply the patch before you can reconnect your machine to the Internet.  Otherwise, you will risk re-infecting your machine as well as others.

References

More information on the vulnerabilities may be found online at:

• Microsoft: http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx
• Microsoft: http://support.microsoft.com/?kbid=899588
• NAI: http://vil.nai.com/vil/content/v_135433.htm and http://vil.mcafeesecurity.com/vil/content/v_135491.htm
• CERT: http://www.us-cert.gov/current/current_activity.html#VU998653 and http://www.us-cert.gov/current/current_activity.html#zotob

Read this disclaimer.

Maintained by Bill Balint.

6,991 accesses since 17-August -2005 ... Last Modified Thursday January 31 2008