Virus-advarsel (NB! Spoof)

[DrDoogie]

 

The Microsoft Security Bulletin they -=should=- issue, but won't.

 

-rick

Infowarrior.org

 

-----------------------------------------------------------------

 

Title: Ongoing Compromises of the Windows Operating Environment

Date: 20 August 2003

 

Software:

 

- Microsoft Windows 3.1

- Microsoft Windows 95

- Microsoft Windows 98

- Microsoft Windows NT 4.0

- Microsoft Windows SE

- Microsoft Windows ME

- Microsoft Windows 2000

- Microsoft Windows 2000 Server

- Microsoft Windows XP

- Microsoft Windows Server 2003

 

Impact: Run code of the attacker's choice

Max Risk: Important

Bulletin: MS02-0401 (REVISED)

 

Microsoft encourages customers to review Security Information at:

http://www.microsoft.com/security on a regular basis, and subscribe to

CERT/CC bulletins at http://www.cert.org.

-----------------------------------------------------------------

 

Issue:

=====

 

Microsoft Windows is a collection of software components that enable users

to experience the Internet. All components share a common series of

interfaces that taken together comprise the Windows Operating Environment.

 

- By default, Internet Explorer is enabled on all systems running Microsoft

Windows. (It should be noted that there are substantial issues with Internet

Explorer reported; users should consult the Microsoft Security Resource

Center to obtain the appropriate patches.)

 

- Insecure scripting languages such as VBScripting are used throughout the

Microsoft Windows Operating Environment and included in many Microsoft

applications such as Microsoft Office. Users have reported that it is

difficult, if not impossible, to completely remove such scripting features

even though they are proven to be regularly exploitable, thus making it

likely they will be subject to repeated exploitation.

 

- Microsoft products often integrate with the operating system internals,

meaning that by installing new software, particularly from Microsoft, the

operating system may become modified and thus provide an opportunity to

introduce new vulnerabilities or exploit trusted relationships within the

Windows Operating Environment. As such, many applications are difficult to

uninstall completely from a computer since they may be serving as patches to

the underlying operating system.

 

- Improper software development has facilitated repeated security incidents

resulting in the loss of customer information, e-mail addresses, system

downtime, and customer productivity in environments based on the Microsoft

Windows Operating Environment. User misconfiguration is also a factor.

 

- Microsoft products are often rushed to market without a thorough check of

the software quality. Buffer overflows are one result of this issue, and

after several years of high-profile incidents, continue to impact the

technology community instead of being fixed once and for all. Microsoft

notes that it frequently releases patches to existing patches and believes

this is the best way for users to stay protected given Microsoft's current

software development and business practices.

 

- Due to the frequency of patches and critical fixes being released to the

user community, it's quite likely that many network administrators are

hesitant to install such patches, since the cure may be worse than the

original problem, or even create new ones, as evidenced by issues arising

from several Windows Service Packs over the years.

 

- Despite advances in marketing a concept of "Trustworthy Computing" it is

unlikely that there will be any single solution to remedy the many issues

associated with the security and stability of Microsoft products.

 

Microsoft prides itself on innovation and consistency in developing new and

exciting software products. Over the years, customers have come to expect

this as a hallmark of how Microsoft does business. The fact that each new

security incident resulting from Microsoft products presents a higher degree

of danger to the Internet community is one example of our ability to produce

software products in a consistent manner with regard to quality assurance,

reliability, and security. We reiterate our pledge to provide software

products with a consistent level of quality to our customers worldwide.

 

 

Mitigating Factors:

====================

 

- For an attack against Microsoft Operating Environment to be successful,

the user/victim must be running an exploitable version of Microsoft Windows.

 

- Microsoft Windows systems operating in closed network environments stand a

somewhat higher chance of survivability when new security incidents

regarding Microsoft products is reported than other, more exposed systems.

Systems that are not connected to a network are most secure from such

network-based exploits.

 

 

Risk Rating:

============

 

- Important

 

 

Patch Availability:

===================

 

- No patches are available to fix this vulnerability. However, there are

four technical actions for users to take to increase their level of

operating system and information security:

 

(1) Boot the affected computer from a floppy disk.

 

(2) At the command prompt, type "format c: /sys." For more severely-damaged

systems, run the FDISK command. (Visit http://fdisk.radified.com/ for

information on this Microsoft-produced disk utility.)

 

(3) Once complete, decide on what non-Microsoft operating system you would

like to use instead. Some suggested ones are Linux and Mac OSX. (Note that

users will need new hardware to take full advantage of Mac OSX.) Users are

strongly advised to avoid anything with the words "SCO" or "UnixWare" in it,

as these words represent a company that's almost as greedy and evil as we

are at Microsoft.

 

(4) Get on with doing the work that you bought the computer for to begin with.

 

This Advisory supersedes Microsoft Security Bulletin MS02-0401 "Local User

Actions May Provide Unauthorized Remote Access" dated 1 April 2002. This

Bulletin may be found at http://www.infowarrior.org/articles/2002-04.html.

 

 

Acknowledgment:

===============

 

Microsoft thanks Richard Forno for reporting this issue to us and for

working with us to help protect customers. Richard Forno

(www.infowarrior.org) thanks the internet community for recognizing a

belated (but quite truthful) April Fools' joke when they see it. He

further thanks Microsoft for producing products that not only keep him and

his friends employed as IT and security professonals but continue to pollute

the Internet and adversely impact on people not even running Windows. Thanks

a bunch, guys.

 

----------------------------------------------------------------

 

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS"

WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER

EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS

FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS

SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,

INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN

IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE

POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR

LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE

FOREGOING LIMITATION MAY NOT APPLY. MICROSOFT HAS NO KNOWLEDGE OF THIS APRIL

FOOLS SATIRE AND HAS NOT ENDORSED IT, NOR DID THIS 'SECURITY BULLETIN'

ORIGINATE FROM ANY MICROSOFT OFFICE. IT'S A SATIRE -- SO READ IT, LAUGH, AND

HOPEFULLY LEARN FROM IT. MICROSOFT IS A TRADEMARK OF MICROSOFT CORP.

 

-----BEGIN PGP SIGNATURE----- Version: PGP 7.1

 

iQEVAwUBP0LEf40ZSRQxA/UrAQGjdgf/cI1c4F3brtV3vKxg7UrySrpwOGlKjqy6

AL3pfhbXfNQENTfDB1xjhwVeKBKUUdKWZqsK7g0rEdJJOeZeCuJXGlTd78xcrU5j

Znqi3rpDNAnflmc9MNrB1bAnacHrug6N8SSryoIEZZIjB2v+vkCQhTEMybFZ7eUV

ICF1xP0qf+h7/aw6TrR/yNTuYUiZWFvU/BfnRPl6bGfqQafv+IU0K+k6jG/7Q4Vx

Kacv213W0sWWMk3KIognlMACwG9E6m2rVwvA1hilUuFLzwd1ZyHYEsLsy8C5XPFS

lS5jtGzTznepbJEvSogVc/QSB70pcDrdqF4MDMkQxTrsKeyO0ieIQQ== =+krE

 

-----END PGP SIGNATURE-----

 

 

 

--

You are a subscribed member of the infowarrior list. Visit

www.infowarrior.org/lists for list information or to unsubscribe. This

message may be redistributed freely in its entirety.

 

 

------ End of Forwarded Message

 

 

Kilde: http://www.infowarrior.org/articles/2003-02.html

[MemorX]

Hører vel hjemme under Programvare --> Virus

[Ueland]

Flyttes.

[Mr-CEO]

den passer vel bedre under OT->Humor?