Microsoft Security Bulletin (MS00-079) - P2P-Zone

Malk-a-mite · 26-05-01, 05:46 PM

Moved to Peer-to-Peer by Malk
---------------
The story:
http://www.theregister.co.uk/content/4/19234.html

Quote:

A maliciously-crafted Telnet URL can be used to trigger a buffer overrun, which in turn would enable an attacker to run arbitrary code on a machine with the victim's level of permission. A malicious HTML page exploiting the hole could easily be circulated via e-mail.

The M$ response:
http://www.microsoft.com/technet/sec...n/MS00-079.asp

Quote:

The HyperTerminal application is a communications utility that installs by default on all versions of Windows 98, 98SE, Windows ME, Windows NT 4.0, and Windows 2000. The product contains two unchecked buffers through which an attacker could potentially cause code of her choice to run on another user’s machine:

Mehmet · 26-05-01, 06:07 PM

In English, dont keep your naked pictures on your online pc..

Cheers Malk.. Been some time..

rebel_mom · 26-05-01, 06:09 PM

Yes I got that warning today since I help alot of seniors and many are from the UK or correspond with the Uk.

zombywoof · 26-05-01, 06:15 PM

I don't even know why they even bother packaging hyperterm on these pc's. Hyperterm IMO is a piece of garbage. I'd rather use packages such as procomm or Terranova for remote dial access and terminal emulation.

Thanks for the updates malk.

TankGirl · 26-05-01, 06:25 PM

...and out goes Hyperterminal from my system. Thanks again Malk-a-mite for bringing us important security information.

Note also this important news item that Malk posted recently on P2P:

Quote:

Windows Media Player hole surrenders your machine
http://www.theregister.co.uk/content/6/19164.html

"The Windows Media Player ASX (Active Stream Redirector) processor contains an unchecked buffer susceptible to an overrun which could enable an attacker to run arbitrary code on a machine with the victim's level of permission, a Microsoft security bulletin warns. "

So if you use Windows Media Player 6.4 or 7 it might be wise to download and run the security patch for ver 6.4 or the upgrade to 7.1 from ver 7.

Microsoft has had plenty of security problems in its standard software lately and especially IE seems to be a big security hole in itself.

- tg

Mehmet · 26-05-01, 06:51 PM

even better, spend some cash on macintosh..

assorted · 24-06-01, 01:27 AM

lovely link malk; thx.

has this one ever been fixed?

http://www.guninski.com/javaea.html

i still have active scripting turned off on my ie because of it... it works like a charm... i haven't upgraded my ie in a while; was this ever taken care of?

26-05-01, 06:07 PM	#2
Mehmet Post Different. Join Date: Mar 2001 Posts: 327	In English, dont keep your naked pictures on your online pc.. Cheers Malk.. Been some time.. __________________ Kimse yok isime karisan.. Gozum siselere takiliyor.. Becerebilseydim.. Ne ala.. Bu gunlerde boyleyim ben..

26-05-01, 06:15 PM	#4
zombywoof Join Date: Mar 2000 Posts: 2,160	I don't even know why they even bother packaging hyperterm on these pc's. Hyperterm IMO is a piece of garbage. I'd rather use packages such as procomm or Terranova for remote dial access and terminal emulation. Thanks for the updates malk. Last edited by zombywoof : 26-05-01 at 06:35 PM.

26-05-01, 06:51 PM	#6
Mehmet Post Different. Join Date: Mar 2001 Posts: 327	even better, spend some cash on macintosh.. __________________ Kimse yok isime karisan.. Gozum siselere takiliyor.. Becerebilseydim.. Ne ala.. Bu gunlerde boyleyim ben..

24-06-01, 01:27 AM	#7
assorted WAH! Join Date: Apr 2001 Posts: 725	lovely link malk; thx. has this one ever been fixed? http://www.guninski.com/javaea.html i still have active scripting turned off on my ie because of it... it works like a charm... i haven't upgraded my ie in a while; was this ever taken care of? __________________ I hate hate haters

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

26-05-01, 06:09 PM	#3
rebel_mom who's line is it anyways? Join Date: Jan 2001 Posts: 2,656	Yes I got that warning today since I help alot of seniors and many are from the UK or correspond with the Uk.