Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-09-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Windows update; Katrina information still flowing

Published: 2005-09-03
Last Updated: 2005-09-07 13:30:46 UTC
by Tony Carothers (Version: 1)
0 comment(s)
While Katrina information is still flowing heavily, things elsewhere continue as usual. Microsoft has released an update that deals with the Windows Firewall, however is not listing it as "Critical".

Windows Update

One of our readers, Thomas, submitted this morning that Microsoft has released a new update. This update applies to Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1). This patch fixes a condition where an exception may not show up in the Windows Firewall GUI, if this exception is created by modifying the registry directly. In order to do this, administrative priveleges are required on the box. The danger in this flaw is that a hacker could open a backdoor that would not be shown in the GUI Firewall ruleset. Just a side note, MS is not calling this a flaw, but an "unexpected behavior".


Article Link
http://support.microsoft.com/kb/897663

Download link


I will be adding new information as it comes in today regarding ways to help the hurricane victims. For now, please take a look at Jim Clausing's excellent write-up yesterday.

http://isc.sans.org/diary.php?date=2005-09-02


The last word

I'd like to give thanx for the help today, and give credit to all those that have been working hard to curb the fraudulent websites popping up.
Thanx to all the other Handlers, including Tom L., Lorna H., Scott F., Dr. J., Marcus S., Patrick N., and the rest of the Handlers. I'd also like to give a *big* thanx to the ISP's out there who've done some 'creative' clean-up on these sites as well.

Thank you!
Tony Carothers
Handler on Duty
Keywords:
0 comment(s)
Diary Archives