Microsoft security alert.
August 8, 2006
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 24 vulnerabilities that were fixed in 12 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 12 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Management Console Remote Code Execution Vulnerability (MS06-044)
- Severity
- Urgent 5
- Qualys ID
- 90345
- Vendor Reference
- MS06-044
- CVE Reference
- CVE-2006-3643
- CVSS Scores
- Base 6 / Temporal 5.2
- Description
-
Microsoft Management Console (MMC) is an integrated administration user interface and administration model for Windows based environments.
MMC is vulnerable to a remote code execution issue. HTML embedded resource files in the Microsoft Management Console library can be directly referenced from the Internet or Intranet zone via Internet Explorer.
- Consequence
- If successfully exploited, an attacker could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=87fe4c18-21dc-4d83-a1d8-503b92fdba2bRefer to Microsoft Security Bulletin MS06-044 for further details.
-
Vulnerability in Server Service Could Allow Remote Code Execution (MS06-040)
- Severity
- Urgent 5
- Qualys ID
- 90336
- Vendor Reference
- MS06-040
- CVE Reference
- CVE-2006-3439
- CVSS Scores
- Base 10 / Temporal 8.3
- Description
-
An unchecked buffer in the Server service is responsible for a remote code execution vulnerability. Any anonymous user who can deliver a specially crafted message to the affected system could try to exploit this vulnerability.
The Server service provides RPC support, file print support and named pipe sharing over the network. The Server service allows the sharing of your local resources (such as disks and printers) so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC.
- Consequence
- An attacker who successfully exploits this vulnerability could take complete control of the affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3b61153d-359f-4441-a448-24062cb2387cMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2996b9b6-03ff-4636-861a-46b3eac7a305Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=314c7c2c-9a02-4e56-98cf-97703fecf0beMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=a0058f39-6dea-4dfc-9dd6-4cb45b305decMicrosoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=af970833-2044-4284-937d-3beb2e2f286dMicrosoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3b0c1954-fca5-4e95-abb2-6066a9d6bc76Refer to Micrsoft Security Bulletin MS06-040 for further details.
-
Vulnerability in DNS Resolution Could Allow Remote Code Execution (MS06-041)
- Severity
- Urgent 5
- Qualys ID
- 90337
- Vendor Reference
- MS06-041
- CVE Reference
- CVE-2006-3440, CVE-2006-3441
- CVSS Scores
- Base 10 / Temporal 7.8
- Description
- This update resolves two vulnerabilities in DNS and Winsock. Information available about the Winsock vulnerability indicates that for an attack to be successful the attacker would have to force the user to open a file or visit a Web site that is specially crafted to call the affected Winsock API.
- Consequence
- An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=144408a7-3011-458a-bc79-49b1658aa25dMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=c332b95a-2956-406b-9e06-07c5e96b02e3Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1be5310b-1995-4ef9-a462-04da9833f50bMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=6d027e72-1f94-44de-95f9-f52000a991ccMicrosoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=18477016-0b70-4c86-90c7-3535d365b7c1Microsoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=583b741c-47e2-429d-9d50-44670bb2f452Refer to Micrsoft Security Bulletin MS06-041 for further details.
-
Microsoft Cumulative Security Update for Internet Explorer (MS06-042)
- Severity
- Urgent 5
- Qualys ID
- 100036
- Vendor Reference
- MS06-042
- CVE Reference
- CVE-2004-1166, CVE-2006-3280, CVE-2006-3450, CVE-2006-3451, CVE-2006-3637, CVE-2006-3638, CVE-2006-3639, CVE-2006-3640, CVE-2006-3873
- CVSS Scores
- Base 7.5 / Temporal 5.9
- Description
-
This update resolves several newly discovered vulnerabilities. They are:
- Redirect Cross-Domain Information Disclosure Vulnerability
- HTML Layout and Positioning Memory Corruption Vulnerability
- CSS Memory Corruption Vulnerability
- HTML Rendering Memory Corruption Vulnerability
- COM Object Instantiation Memory Corruption Vulnerability
- Source Element Cross-Domain Vulnerability
- Window Location Information Disclosure Vulnerability
- FTP Server Command Injection Vulnerability - Consequence
- An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=44A8C303-B46C-4CCE-8442-D8A1CF1561DC&displaylang=enInternet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B6E09C27-CE26-494F-AD2A-6C9A8C72453F&displaylang=enInternet Explorer 6 for Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=CDB85BCA-0C17-44AA-B74E-F01B5392BB31Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D30209FA-9994-4F1B-B6D6-4BACC328135A&displaylang=enInternet Explorer 6 for Microsoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=FFE108B8-05C9-4B5E-A8A4-042F49068972Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?familyid=5C2A23AC-3F2E-4BEC-BE16-4B45B44C6346Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CE7F66D-4D83-4090-A034-9BBE286D96FARefer to Microsoft Security Bulletin MS06-042 for further details.
-
Microsoft Windows Remote Code Execution Vulnerability (MS06-043)
- Severity
- Urgent 5
- Qualys ID
- 90340
- Vendor Reference
- MS06-043
- CVE Reference
- CVE-2006-2766
- CVSS Scores
- Base 2.6 / Temporal 2.1
- Description
- This update resolves a newly-discovered, publicly-reported vulnerability. The vulnerability results from incorrect parsing of the MHTML protocol. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail that could potentially lead to remote code execution if a user visits the specially crafted Web site or clicks a link in a specially crafted e-mail message.
- Consequence
- An attacker who successfully exploits this vulnerability could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Outlook Express 6 on Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=c9037cdb-3a57-4db7-aa0d-5ad28730303aOutlook Express 6 on Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?familyid=71f09617-d3cd-45fb-a09b-a9025c1d3f47Outlook Express 6 on Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=0c7e507f-2a42-49b5-82b2-84a6ec40b895Outlook Express 6 on Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?familyid=8f062b1c-7b93-4cb2-835a-b58ba29435f2Outlook Express 6 on Microsoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2aa6b4d1-a6eb-425b-ab7e-6cc27124a59eRefer to Microsoft Security Bulletin MS06-043 for further details.
-
Microsoft Windows Explorer Remote Code Execution Vulnerability (MS06-045)
- Severity
- Serious 3
- Qualys ID
- 90344
- Vendor Reference
- MS06-045
- CVE Reference
- CVE-2006-3281
- CVSS Scores
- Base 5.1 / Temporal 4
- Description
- A remote code execution vulnerability exists in Windows Explorer because of the way that Windows Explorer handles Drag and Drop events. An attacker could exploit the vulnerability by constructing a malicious web page that could allow an attacker to save a file on the user's system if the user visits a malicious web site or views a malicious e-mail message.
- Consequence
- If successfully exploited, an attacker could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=38cee83e-b17a-4c08-90ce-fb836b9615adMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=6ef68858-4c91-47fb-ae34-0be556f10edeMicrosoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=50935f4e-e383-493e-97c6-599cbb2b87ccMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=759435a3-98f9-4115-b52e-d7fa9d024f16Microsoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=462131c6-a728-4b3c-94de-85deccc42c3eMicrosoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=50eef5c5-861d-4802-85a2-6b0627aafc2aRefer to Microsoft Security Bulletin MS06-045 for further details.
-
Microsoft HTML Help Remote Code Execution Vulnerability (MS06-046)
- Severity
- Urgent 5
- Qualys ID
- 90343
- Vendor Reference
- MS06-046
- CVE Reference
- CVE-2006-3357
- CVSS Scores
- Base 7.5 / Temporal 5.9
- Description
-
Microsoft HTML Help is the help system for the Windows platform. The HTML Help ActiveX control is a program that is used to insert help navigation and secondary window functionality into an HTML file.
There is a string buffer issue within the HTML Help ActiveX control.
- Consequence
- If successfully exploited, an attacker could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=34ebe5d3-40c9-41dc-aaff-64608d3ac7b1Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=a6e2cb0a-146f-4300-95cb-7078ce9f9844Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=997a633a-8836-4c0f-98f9-1fd378de4b0cMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=5132c3bc-f3af-464e-a615-60f72677bd4bMicrosoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=527cc785-e69e-4ade-aaf7-61f96ac3ca7aMicrosoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=fd1253b0-f4db-4808-a381-98ff9870ebb3Refer to Micrsoft Security Bulletin MS06-046 for further details.
-
Microsoft Visual Basic for Applications Remote Code Execution Vulnerability (MS06-047)
- Severity
- Urgent 5
- Qualys ID
- 90341
- Vendor Reference
- MS06-047
- CVE Reference
- CVE-2006-3649
- CVSS Scores
- Base 5.1 / Temporal 4.2
- Description
- A remote code execution vulnerability exists in the way that Visual Basic for Applications (VBA) checks the document properties that a host application passes to it when opening a document. This vulnerability could allow an attacker who successfully exploits the vulnerability to take complete control of the affected system.
- Consequence
- If this vulnerability is successfully exploited, an attacker can fully compromise the victim machine remotely.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Works Suites (Microsoft Works Suite 2004 ):
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7CMicrosoft Works Suites (Microsoft Works Suite 2005 ):
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7CMicrosoft Works Suites (Microsoft Works Suite 2006 ):
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7CMicrosoft Office 2000 Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=837A4FA9-FABC-4119-9AAF-2C8663029D2BMicrosoft Project 2000 Service Release 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=744DD25D-B9A7-4E30-B64E-1C9BB0F87D90Microsoft Access 2000 Runtime Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=ED5A8C40-C592-4299-AFB2-5F0F6E2B1DCDMicrosoft Office XP Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7CMicrosoft Project 2002 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=62EF50AA-6061-4185-9713-F8C31B195103Microsoft Visio 2002 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=43525B6A-58B7-49C7-88D8-4983D1614A96Microsoft Visual Basic for Applications SDK 6.0 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3Microsoft Visual Basic for Applications SDK 6.2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3Microsoft Visual Basic for Applications SDK 6.3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3For a complete list of patch download links, please refer to Microsoft Security Bulletin MS06-047.
-
Microsoft PowerPoint Remote Code Execution Vulnerabilities (MS06-048)
- Severity
- Critical 4
- Qualys ID
- 110038
- Vendor Reference
- MS06-048
- CVE Reference
- CVE-2006-3449, CVE-2006-3590
- CVSS Scores
- Base 7.5 / Temporal 6.5
- Description
-
Microsoft PowerPoint is exposed to multiple remote code execution vulnerabilities. A remote code execution vulnerability could be exploited when a file containing a malformed shape container or a file containing a malformed record is parsed by PowerPoint.
An attacker could exploit these vulnerabilities by constructing a specially crafted PowerPoint file that could allow remote code execution. Such files might be included in e-mail attachments or hosted on a malicious web site.
- Consequence
- An attacker who successfully exploits this vulnerability could gain the same user rights as the local user.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Office 2000 Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=B7B5615B-7C20-4C49-892F-7F4CCC2D6006Microsoft Office XP Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=A9C7E43B-A0A6-4C81-87ED-3F4DED78EAEAMicrosoft Office 2003 Service Pack 1 or Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=DE1CB2A7-5D4C-44B8-BC40-7E0A88CC3081Microsoft Office 2004 for Mac :
http://www.microsoft.com/macMicrosoft Office v. X for Mac :
http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/officex/OfficeX_1018.xml&secid=5&ssid=32&flgnosysreq=TrueRefer to Micrsoft Security Bulletin MS06-048 for further details.
-
Microsoft Windows Kernel Privilege Elevation Vulnerability (MS06-049)
- Severity
- Urgent 5
- Qualys ID
- 90339
- Vendor Reference
- MS06-049
- CVE Reference
- CVE-2006-3444
- CVSS Scores
- Base 7.5 / Temporal 5.9
- Description
- There is a privilege elevation vulnerability in Windows 2000 caused by improper validation of system inputs. This vulnerability could allow a logged on user to take complete control of the system.
- Consequence
- A logged on attacker can fully compromise the vulnerable machine.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=08806182-6a26-4663-91ea-179817350a91Refer to Micrsoft Security Bulletin MS06-049 for further details.
-
Microsoft Windows Hyperlink Object Library Remote Code Execution Vulnerabilities (MS06-050)
- Severity
- Critical 4
- Qualys ID
- 90338
- Vendor Reference
- MS06-050
- CVE Reference
- CVE-2006-3086, CVE-2006-3438
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
- This update resolves two vulnerabilities in the Windows Hyperlink Object Library that allow remote code execution.
- Consequence
- If a user is logged on with administrative user rights, an attacker who successfully exploits this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=bfe3f869-08be-4f13-97a1-7274ad44c7fbMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2d014bac-f03d-474a-a7ab-49e8ead8edb0Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=cae094e4-64a0-4577-986b-4d6c131806d9Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=21d1e864-4517-4353-8477-b4cd3c6187c0Microsoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=bc60b6c3-ada8-48ab-a63d-b2f1c9320b0dMicrosoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=9d2ba5d1-6f91-47b4-8cc1-dcd44baaa6ceRefer to Microsoft Security Bulletin MS06-050 for further details.
-
Microsoft Windows Kernel Remote Code Execution Vulnerability (MS06-051)
- Severity
- Urgent 5
- Qualys ID
- 90342
- Vendor Reference
- MS06-051
- CVE Reference
- CVE-2006-3443, CVE-2006-3648
- CVSS Scores
- Base 7.6 / Temporal 5.6
- Description
- This Microsoft update resolves multiple vulnerabilities in the Windows kernel.
- Consequence
- An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Microsoft Windows 2000 Service Pack 4 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=83e0c6fb-a542-463a-88fd-dc388605a8aeMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=71e96afc-bc4d-4666-998b-49857007e539Microsoft Windows XP Professional x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=a6fe5b95-11d1-42cd-995c-c8cef8a27aefMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=7d0f888b-df35-40df-baff-0bae2b921aefMicrosoft Windows Server 2003 for Itanium based Systems and Microsoft Windows Server 2003 with SP1 for Itanium based Systems :
http://www.microsoft.com/downloads/details.aspx?FamilyId=df365b0b-f97f-4df1-9105-d81b68a110ebMicrosoft Windows Server 2003 x64 Edition :
http://www.microsoft.com/downloads/details.aspx?FamilyId=3f750ad5-5bfb-4421-a316-ae66f0557eacRefer to Micrsoft Security Bulletin MS06-051 for further details.
These new vulnerability checks are included in Qualys vulnerability signature 1.15.21-5. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 90345
- 90336
- 90337
- 100036
- 90340
- 90344
- 90343
- 90341
- 110038
- 90339
- 90338
- 90342
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.