The other vulnerability is limited to the risk of someone logged on locally who runs a specially crafted program which elevates its privileges. This is mostly a matter for high security workstation environments where end users don’t have admin authority and Terminal Servers where end-users could access and execute a specially crafted program.
In this webinar I will explain how Application Whitelisting works and answer these questions:
- What are the technical and human challenges with whitelisting?
- Is Application Whitelisting ready for prime-time?
- How far does Windows' built-in whitelisting technology called Software Restrictions take you?
- How is the .Net framework relevant to whitelisting?
- Why does application whitelisting also address unauthorized/unlicensed software in addition to malware?
Reserve your Webinar seat now at:
https://www1.gotomeeting.com/register/910941268
Date: Thursday, January 24, 2008
KB # | Exploit Type Product | Principle type of systems exposed | Exploit details public? / Being exploited? | Comprehensive, practical workaround available? | MS severity rating | Vulnerable | Notes | Randy’s recommendation | |||
2000 | XP | 2003 | Vista/ 2008 | ||||||||
MS08-001 (KB941644) | Arbitrary code Windows | Workstations & Terminal Servers | No/No | Yes | Critical | Yes | Yes | Yes | Yes | Restart is Required | Options: - Disable or block IGMP/MLD and Router Discovery Protocol. This will break multi-cast applications such as some features in Ghost or live Internet broadcasts. Can be disabled using group policy by creating a custom administrative template. - Patch after testing |
MS08-002 (KB943485) | Privilege elevation Windows | Workstations & Terminal Servers | No/No | No | Important | Yes | Yes | Yes | No | Restart is Required | Patch after testing |
Event log management & analysis made easy with GFI EventsManager. Free 30 day trial!
Logging in Depth – Secure, Comply, Save – with EventTracker Complete Event Management
Enterprise-class Log Management and SEM – Powerful, Easy, Affordable – LogRhythm
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.
No comments:
Post a Comment