Security Bytes: ISS warns of new Microsoft Windows flaw
Attackers could exploit the latest Microsoft Windows flaw to crash vulnerable machines and Symantec fixes a Brightmail AntiSpam flaw.
This article orginally appeared on SearchSecurity.com.
ISS warns of new Microsoft Windows flaw
Multiple versions of Microsoft Windows are vulnerable to a NULL pointer dereference error in the server driver, which attackers could exploit to crash a system using a specially crafted network packet. Internet Security Systems (ISS) X-Force has uncovered the glitch and has released details in an advisory, warning that an exploit is available in the wild.
"Attackers can reliably cause Microsoft Windows to [go to a] blue screen," ISS said. "Users must reboot to recover from the crash … As of this writing no patch is available for the vulnerability."
ISS said the security hole affects:
Symantec fixes Brightmail AntiSpam flaw
Antivirus giant Symantec has fixed multiple flaws in its Brightmail AntiSpam product. Attackers could exploit the flaws to read or modify confidential system information, Symantec said in an advisory.
"Symantec Brightmail AntiSpam fails to fully sanitize file names passed to the DATABLOB-GET / DATABLOB-SAVE requests of directory traversal sequences," Symantec said. "This directory traversal vulnerability could result in confidential system information being exposed."
During the installation of email scanners, Symantec said three options are given for identifying the Brightmail AntiSpam control centre that will control the scanner. The first option is a local control centre. The second option is to identify the control centre by its IP address, and the third option allows the control centre to connect from any computer.
Symantec said the third option could allow an attacker to impersonate the control centre, exposing the following vulnerabilities:
The solution is to upgrade to Symantec Brightmail AntiSpam version 6.0.4 or to Symantec Mail Security (SMS) for SMTP version 5.0.
