[link|http://biz.yahoo.com/ap/040210/microsoft_security_1.html|http://biz.yahoo.com...t_security_1.html]

This looks uglier than anything in the past. Looking for more info.

Microsoft, which learned about the flaws more than six months ago from researchers, said the only protective solution was to apply a repairing patch it offered on its Web site. It assessed the threat to computer users as "critical," its highest rating.

A Microsoft security executive, Stephen Toulouse, said the flawed software was "an extremely deep and pervasive technology in Windows," and urged customers to apply the patch immediately.

The disclosure comes just weeks before Microsoft Chairman Bill Gates delivers a keynote speech in San Francisco at one of the industry's most important security trade conferences. Microsoft has struggled in recent months against a tide of renewed criticism about security risks in its software, the engine for computers in most of the world's governments, corporations and homes.

"This is one of the most serious Microsoft vulnerabilities ever released," said Marc Maiffret of eEye Digital Security Inc. of Aliso Viejo, Calif., which discovered the new Windows flaws. "The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system."

Maiffret said some computer systems that control critically important power or water utilities were vulnerable.

Maiffret predicted hackers will try to unleash a damaging Internet infection within weeks. Unlike earlier vulnerabilities that spawned such attacks, hackers can exploit the newly disclosed flaws to break into susceptible computers using dozens of methods, making any defense far more difficult.

More info:
[link|http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-007.asp|http://www.microsoft...etin/MS04-007.asp]

A security vulnerability exists in the Microsoft ASN.1 Library that could allow code execution on an affected system. The vulnerability is caused by an unchecked buffer in the Microsoft ASN.1 Library, which could result in a buffer overflow.

An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.

Abstract Syntax Notation 1 (ASN.1) is a data standard that is used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. More information about ASN.1 can be found in Microsoft Knowledge Base Article 252648.

Mitigating factors:

In the most likely exploitable scenario, an attacker would have to have direct access to the user's network.

Severity Rating:
Microsoft Windows NT 4.0 \tCritical
Microsoft Windows NT Server 4.0 Terminal Server Edition \tCritical
Microsoft Windows 2000 \tCritical
Microsoft Windows XP \tCritical
Microsoft Windows Server 2003 \tCritical

Oh yeah, it's ugly. I'm kinda surprised there's not already something out there taking advantage of this one.

[link|http://zdnet.com.com/2100-1105-5160006.html|http://zdnet.com.com...1105-5160006.html]

Just a matter of time before this sucker spreads I bet.

A piece of code that exploits a critical vulnerability that Microsoft issued a patch for only last week has been posted online, raising fears of an imminent MSBlast-style attack.
...
"We ran (the compiled code) against an unpatched XP and Windows 2000 SP3 system, and it took both systems down. It does a buffer overflow and immediately sends the PC into a reboot phase that you can't get out of," he said.