Microsoft Shows Up a Range of Vulnerabilities

In its weekly report released on November 17, 2006, Panda Software lists the vulnerabilities as MS06-066, MS06-067, MS06-068, MS06-069, MS06-070 and MS06-071, the TelnetOn.A worm, and the Briz.S Trojan.

MS06-067 to MS06-071 include many critical vulnerabilities where MS06-067 is a cumulative update for Internet Explorer, MS06-069 refer to a flaw in Flash Player and MS06-071 is another flaw in 'XML Core Services'. The MS06-066 is an important classification that handles problems in the 'client service' for NetWare.

The current popular targets of attackers are the vulnerabilities in 'Workstation Service' (MS06-070) and 'XML' (MS06-071). There are atleast two exploits present for both of the vulnerabilities. The Microsoft worm, called the 'TelnetOn.A', affects a PC where it creates an Administrator account that enables it to take complete command of the system via 'Telnet' service. As one of its primary actions, the worm aborts the functioning of several security tools such as anti-virus or firewall software. At the same time, it terminates processes belonging to some malicious codes.

After 'TelnetOn.A' installs on an affected PC, it disables the access to certain websites, including those providing anti-virus applications. The worm proliferates through P2P programs like 'eMule', 'KaZaA' and 'Morpheus', the 'mIRC' program and e-mail.

The 'Briz.S', a Trojan that steals password, is made up of several elements and downloads itself from the Internet. The purpose of the Trojan is to hack private information from the affected PC, such as the IP address. It also captures data that users enter in 'Web forms' through Internet Explorer.
The 'Briz.S' too prevents the hijacked computer from viewing certain websites such as those from anti-virus vendors. It uses the computer as a medium to link to third party Telnet, SMTP, FTP and HTTP services. 'Briz.S' requires a hacker's intervention to circulate and it reaches other computers through CD-ROMs, attachments in e-mail messages, Internet downloads, or IRC routes.

As a solution to these problems, Microsoft has made the necessary security updates. It advises users to install them as soon as possible so that the flaws cannot run malicious codes on the systems.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 11/22/2006