Microsoft SMTP Security Flaw Affects the Masses 10/22/2004 - 1,194 views, 4 Comments
|
Previous Article « Handful of Zombie Networks Responsible for All Phishing Attacks
Read Next Article » Bad Enough it’s an Email Worm, Now MyDoom is Rude, Too
In the flurry of more than twenty security updates which Microsoft released last week, it was easy to overlook one particularly insidious hole: a flaw in SMTP affecting Windows XP, Windows Server, and Exchange Server. There are probably a few computers out there running one or the other of these systems. SMTP stands for “Simple Mail Transfer Protocol”, and is one of the standard components, used by most operating systems, through which computers talk to each other during the sending and receiving of email. As you might imagine, it’s ubiquitous in its deployment. And no little flaw, this. Rather a great big hole you could drive the proverbial Mack truck through. According to the Microsoft site, “An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.” So, if you or someone you love is running Windows XP 2003, Windows Server 2003, or Exchange Server 2003, run, don’t walk, to http://www.microsoft.com/technet/security/Bulletin/MS04-035.mspx and get the appropriate update. You can read more about this here.
Previous Article « Handful of Zombie Networks Responsible for All Phishing Attacks
Read Next Article » Bad Enough it’s an Email Worm, Now MyDoom is Rude, Too
|
|
Email the link for this page to a friend! |
Read more:
» Two More Windows Patches from Microsoft
» New Critical Internet Explorer (IE) Flaw Involves Msdds.dll
» Microsoft Announces Patch for “Help Flaw” Security Hole
» Massive Security Hole in Symantec Products - Plan on Patching This Weekend!
For additional similar stories check out our archives on Everything Else
Hmmm… how about toning down the warnings a bit. You imply that Windows XP is at risk in Lockergnome and blog versions of your message. However your terminology is not accurate.
MS does NOT refer to their Windows XP 64-Bit Edition Version 2003 as Windows XP 2003. However, you do, and by doing so, unnesessarily cause alarm and panic in the millions of users of the 32bit Windows XP who might think that their systems are at risk, and waste inordinate amounts of time investigating and trying to download unnecessary patches, clogging the MS servers etc. Lets not panic the masses shall we, it may be more of a problem than the one you are trying to fix.
Comment by Jim — 10/23/2004 @ 9:11 am
it is indeed the case that the version of Windows XP which is affected by this issue is Microsoft Windows XP 64-Bit Edition Version 2003.
Aunty regrets any confusion which may have been caused. It was anticipated that anyone reading Aunty’s post about the problem would naturally follow the link in that post to the Microsoft site, where they would see the full list of affected and unaffected software, and thus not “waste inordinate amounts of time investigating and trying to download unnecessary patches, clogging the MS servers, etc.”. But perhaps Aunty was assuming too much intelligence on the part of her gentle readers.
Naaaah.
Aunty
Comment by Aunty Spam — 10/25/2004 @ 2:53 am
Amen Aunty! :-)
Comment by John — 10/25/2004 @ 2:25 pm
WHAT IS MY VAT ID? CRISTIAN FROM ROMANIA
Comment by URSA BEAR — 4/1/2005 @ 6:38 am