| VID |
26065 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (KB823182) for the 'Vulnerability in Authenticode Verification' has not been applied. Microsoft Windows could allow a remote attacker to execute arbitrary code on the system because of a vulnerability in the Authenticode feature, which identifies the publisher of an ActiveX control. Under specific low-memory conditions, Authenticode fails to properly prompt the user for authorization when installing a Microsoft ActiveX control. An attacker could host a malicious website designed to exploit this vulnerability; if the attacker then persuaded a user to visit that site, an ActiveX control could be installed and executed on the user's system. Alternatively, an attacker could create a specially formed HTML e-mail and send it to the user.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* Platforms Affected: http://www.microsoft.com/technet/security/bulletin/ms03-041.asp
* Platforms Affected: Windows NT 4.0, Windows NT 4.0 Server, Windows NT 4.0 TSE, Windows 2000 (any version), Windows XP (any version), Windows 2003 Server |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS03-041 at http://www.microsoft.com/technet/security/bulletin/ms03-041.asp
1. Open the following page to download the patch:
   * For Windows NT Workstation 4.0, Service Pack 6a: http://www.microsoft.com/downloads/details.aspx?FamilyId=921466F5-BC40-4E8E-BB57-6B81B57C21B6
   * For Windows NT Server 4.0, Service Pack 6a: http://www.microsoft.com/downloads/details.aspx?FamilyId=21F64FF0-9175-42BE-A8E4-BDC59A98BDF2
   * For Windows NT Server 4.0, Terminal Server Edition, Service Pack 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=C6688576-4682-4A30-BBD7-1817F2944890
   * For Windows 2000, Service Pack 2: http://www.microsoft.com/downloads/details.aspx?FamilyId=C862E049-58B2-4486-8D98-23183D7EE17D
   * For Windows 2000, Service Pack 3, Service Pack 4: http://www.microsoft.com/downloads/details.aspx?FamilyId=90D27AEC-7D2A-45FD-B85A-E98E574338F1
   * For Windows XP Gold, Service Pack 1: http://www.microsoft.com/downloads/details.aspx?FamilyId=6CDF5303-D767-4D68-9BA7-055E93E87847
   * For Windows XP 64-bit Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=D92EF2E8-C03A-43C0-B428-D76C4B669151
   * For Windows XP 64-bit Edition Version 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11
   * For Windows Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=135D8C00-7B4B-4C21-8EAA-D58814635E0D
   * For Windows Server 2003 64-bit Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11
2. Select a different language from the drop-down list and click the <Go> button.
3. Click the <Download> button to download this patch file.
4. Run this file to install the patch.
5. Restart your system to complete the installation.
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0660 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
13422 (ISS) |
|