Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 9 vulnerabilities that were fixed in 5 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 5 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=AC2DE442-6C98-4545-8072-2BE4064466CD
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=A49CC5E2-1072-4BF6-A7F3-029957EBB1C2
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C4B9D079-13F0-4E1E-834B-D2077838B9E1
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=703DE7D8-68D9-4A92-8C59-87221F89EF14
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=A7A5077B-4BF0-441A-AB43-D6A5E1B698E9
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=005930C0-4C3F-4FD3-9E08-D586632C5486
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D1747015-10C8-411F-8C26-773B59008FD8
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=005930C0-4C3F-4FD3-9E08-D586632C5486
Refer to Microsoft Security Bulletin MS04-041 for further details.
A remote code execution vulnerability exists that could allow an attacker to send a specially crafted DHCP message to a DHCP server. However, attempts to exploit this vulnerability would most likely result in a denial of service of the DHCP Server service.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=7CC7F82D-F2A2-49AA-BF33-897498898EAD
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=69F3259F-3004-462C-B2A8-37F65EB78A2D
Refer to Microsoft Security Bulletin MS04-042 for further details.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=4C87AF7B-0EE5-4761-AD58-3698D39B62BE
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D9F22FA6-1C9B-442A-BA6F-7584DB61C9C2
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=DA3DD6C9-DB7E-40A6-AFD0-5ED87C42190D
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=96BBD220-5E2A-43AD-B8B7-54EC608BD8BE
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=4970DA24-8C3B-4D99-8F89-13E8AF2E4382
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=06662D6D-E397-40F7-A7A6-9330FBA17EBF
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3A36E94B-A39F-4B56-8A2D-42F1089DD158
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=06662D6D-E397-40F7-A7A6-9330FBA17EBF
Refer to Microsoft Security Bulletin MS04-043 for further details.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=325EAA8F-AF09-4839-B9E8-BB218C7A8564
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=9823A61F-C69F-403A-BD6A-EF3984BFA2B8
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=EFDEA122-DDA4-40B8-A7AF-9DDCC3870C38
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=27115D5C-3E4A-4F41-B81E-376AA1CD204F
Microsoft Windows XP 64 Bit Edition Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1649AE1E-0ABF-4D31-BE12-3982C5146AE8
Microsoft Windows XP 64 Bit Edition Version 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=95849AB9-36BF-4A90-BC37-3B4FB6DCDF9A
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=AACB97CB-E8F0-461F-B2D2-F1065229B64E
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=95849AB9-36BF-4A90-BC37-3B4FB6DCDF9A
Refer to Microsoft Security Bulletin MS04-044 for further details.
A remote code execution vulnerability exists in WINS in the way that it handles computer name validation: the method that WINS uses to validate the Name value in a specially crafted packet contains an unchecked buffer.
The second remote code execution vulnerability exists due to the method used by WINS to validate association context data.
Note that WINS is not installed by default.
Microsoft Windows NT Server 4.0 Service Pack 6a :
http://www.microsoft.com/downloads/details.aspx?FamilyId=38E9DB8C-5C43-4E9A-9DC9-97C2686A45F1
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D7AB3F6F-26FE-4AE8-A07A-481D772D03A6
Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=40146B52-5546-489E-857E-01FE1EF709B2
Microsoft Windows Server 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=10836F38-A38B-47D5-B87B-18D8E26EEFAA
Microsoft Windows Server 2003 64 Bit Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=06CF9E85-C66D-4A7D-B2EB-99DE9423B60F
Refer to Microsoft Security Bulletin MS04-045 for further details.
These new vulnerability checks are included in Qualys vulnerability signature 1.9.114-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
For more information, customers may contact Qualys Technical Support.
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provide organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.