
Microsoft warns of Windows memory flaw

By Bill Brenner, News Writer
17 Nov 2005 | SearchSecurity.com

Windows users should make sure their firewalls are properly configured so they don't fall victim to an attack by way of a new operating system flaw, Microsoft warned in an advisory Thursday. The software giant acknowledged that proof-of-concept exploit code is circulating.

"Microsoft is aware of public reports of proof-of-concept code that seeks to exploit a possible vulnerability in Microsoft Windows 2000 Service Pack 4 (SP4) and in Microsoft Windows XP Service Pack 1 (SP1)," the company said. "This vulnerability could allow an attacker to levy a denial-of-service attack of limited duration."

But the company stressed that the security hole isn't easy to exploit, saying, "On Windows XP Service Pack 1, an attacker must have valid logon credentials to try to exploit this vulnerability… [which] could not be exploited remotely by anonymous users."

Danish vulnerability clearinghouse Secunia said the flaw, discovered by researcher Winny Thomas, "is caused due to a memory allocation error when handling UPnP GetDeviceList requests via RPC." The firm said this could be exploited to cause "services.exe" to consume a large amount of memory for a limited period of time.

Microsoft said the affected component is available remotely to users with standard user accounts, and that customers running Windows XP SP2, Windows Server 2003 and Windows Server 2003 SP1 are not affected.

"Microsoft is not aware of active attacks that use this vulnerability or of customer impact at this time," the software giant added. "However, Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary."

A Microsoft spokesman said in an e-mail that the company was concerned about the flaw not being disclosed responsibly, adding, "We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests."

Though no patch is currently available, the company said users should be protected as long as their firewalls are properly enabled.

This article originally appeared on SearchSecurity.com.
