- MS04-005: Vulnerability in Virtual PC for Mac could lead to privilege elevation
- MS04-006: Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution
- MS04-007: ASN.1 Vulnerability Could Allow Code Execution
The MS04-005 and MS04-006 bulletins address vulnerabilities with a relatively limited scope. The "Vulnerability in Virtual PC for Mac could lead to privilege elevation" flaw only affects Mac OS users who are running the Microsoft Virtual PC software. The "Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution" flaw only affects servers running the WINS service and even then the exploit really only affects Windows Server 2003 according to the bulletin.
The third bulletin however, MS04-007, addresses a significant and pervasive hole. It is not limited to only Mac OS or Windows Server 2003 users. The "ASN.1 Vulnerability Could Allow Code Execution" flaw, if successfully exploited, would give the attacker complete control over the target system with the permissions and privileges of the system.
Translated, this means that exploiting this buffer overflow would allow an attacker to install and execute malicious programs, change or delete data on the target system, create new user accounts with administrative privileges and more.
Microsoft states in the bulletin that servers are most likely at greater risk than desktop machines because the servers are more likely to be running a service that would decode the malformed ASN.1 data.
ASN.1 is so widely used that there is a fear that malicious coders will develop a worm to exploit the flaw similar to the way the MSBlast (or Blaster) worm exploited flaws in DCOM last year.
Be sure to review these bulletins to determine if your system(s) are affected and apply any necessary patches as soon as possible.
