Windows is plagued by new DoS vulnerabilities

In addition to the Code Red worm alert, Microsoft has issued two bulletins warning of denial of service problems in Windows. Exterminator has links to the bulletins, along with the usual selection of patches from Novell and virus news from Trend Micro.


Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS01-033)
Regarding: Windows NT and Windows 2000 IIS
Patch URL: Click here for the Windows NT patch.
Click here for the Windows 2000 patch.
Information URL: Click here for more information.

In case you missed it the first time, here’s the patch to protect yourself from the Code Red worm. Microsoft’s security alert from July 30 stated, “The Code Red worm and mutations of the worm pose a continued and serious threat to Internet users. Immediate action is required to combat this threat. Users who have deployed software that is vulnerable to the worm (Microsoft IIS Versions 4.0 and 5.0) must install, if they have not done so already, a vital security patch.”

Microsoft Security Bulletin (MS01-040)
Regarding: Windows NT 4.0 and Windows 2000
Date posted: July 25, 2001
Patch URL: Multiple patches available. Follow the link below for more information.
Information URL: Click here for more information.

Terminal Services in Win2K and the Terminal Server Edition of NT 4.0 contain a memory leak. An attacker could exploit this vulnerability, resulting in a denial of service.

Microsoft Security Bulletin (MS01-041)
Regarding: Windows NT 4.0, Windows 2000, SQL Server, or Exchange Server
Date posted: July 26, 2001
Patch URL: Multiple patches available. Follow the link below for more information.
Information URL: Click here for more information.

This is yet another vulnerability that could result in a denial of service. This bug involves inadequate validation of inputs on the part of RPC servers. In some cases, invalid inputs that prevent normal processing could be accepted.

Novell issues
Regarding: NetWare 5.1, Novell Small Business Suite 5.1, OnDemand, OnDemand 1.0, OnDemand 1.5, ZENworks 2
Date posted: July 27, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

Direct from Novell: “This fix modifies the functionality of ZENworks to scan and display DMI data in Workstation Inventory Summary.”

Regarding: NetWare 5, NetWare 5.1, Novell Small Business Suite 5, Novell Small Business Suite 5.1
Date posted: July 27, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This is a fix for the NWDeploy remote product installation. You’ll need this patch if you receive a message that the server you’ve chosen is not NetWare version 5.1 when you attempt to use NWDeploy to perform remote installs.

Regarding: NetWare 5, NetWare 5.1, Novell Distributed Print Services v2.0, Novell Small Business Suite 5.1
Date posted: July 27, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

Here’s a collection of all the NDPS version 2.x Post CSP5 updates. If you already downloaded NDP2XP6.EXE, you don’t need this one. All the fixes are the same.

Regarding: Account Management 2.1 for Windows 2000
Date posted: July 30, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch addresses a password synchronization problem in Account Management for Win2K.

Regarding: DirXML 1.0, DirXML 1.0 on Windows NT/2000 - DXML, iChain, iChain 1.5
Date posted: July 31, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This download includes patches and enhancements for the Lotus Notes DirXML driver and fixes a problem with member lists not moving from NDS to Notes.

Virus updates from Trend Micro
Virus/Worm: CODERED.A
Posted: July 30, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: VBS_POTOK.A
Posted: July 31, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Stay current on virus information
Have you been keeping up with the latest virus information and patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.
