Author Topic: Microsoft Security Advisory (975191)  (Read 2526 times)

0 Members and 1 Guest are viewing this topic.

pete319

  • Guest
Microsoft Security Advisory (975191)
« on: September 02, 2009, 08:34:40 AM »
Vulnerability in Internet Information Services FTP Service Could Allow for Remote Code Execution
Published or Last Updated: 9/1/2009

For more details visit:http://www.calendarofupdates.com/updates/index.php?showtopic=22546

CharleyO

  • Guest
Re: Microsoft Security Advisory (975191)
« Reply #1 on: September 02, 2009, 10:44:31 AM »
***

Thanks for the info, pete.


***

pete319

  • Guest
Re: Microsoft Security Advisory (975191)
« Reply #2 on: September 02, 2009, 11:07:40 AM »
***

Thanks for the info, pete.


***

Your welcome CharleyO  :)

Alan Baxter

  • Guest
Re: Microsoft Security Advisory (975191)
« Reply #3 on: September 02, 2009, 05:21:33 PM »
Thank you for letting us know, Pete. I'm glad you gave me a heads-up so I could check it out. It looks like those of us that aren't actually running an FTP service on a vulnerable system are safe. That's probably most of us, fortunately.  (See Mitigating Factors below if you're running XP or Server 2003.)

Quote
Affected Software: Operating System | Component

Microsoft Windows 2000 Service Pack 4 | Microsoft Internet Information Services 5.0
Windows XP Service Pack 2 and Windows XP Service Pack 3 | Microsoft Internet Information Services 5.1
Windows XP Service x64 Edition Service Pack 2 | Microsoft Internet Information Services 6.0
Windows Server 2003 Service Pack 2 | Microsoft Internet Information Services 6.0
Windows Server 2003 x64 Edition Service Pack 2 | Microsoft Internet Information Services 6.0
Windows Server 2003 with SP2 for Itanium-based Systems | Microsoft Internet Information Services 6.0

http://www.microsoft.com/technet/security/advisory/975191.mspx
Quote
Mitigating Factors

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of this issue. The following mitigating factors may be helpful in your situation:
•   

FTP service is not installed by default on all supported editions of Windows XP or Windows Server 2003. However, FTP service is installed by default on all supported editions of Microsoft Windows 2000 and all supported editions of Windows Small Business Server 2003.

pete319

  • Guest
Re: Microsoft Security Advisory (975191)
« Reply #4 on: September 03, 2009, 08:33:01 AM »
Thanks Alan for the added info in your reply ;)