Network Computing is part of the Informa Tech Division of Informa PLC

Microsoft Rolls Out January Patches; One Is Critical

Microsoft Tuesday released three new security vulnerability bulletins -- and the patches to fix them -- in its scheduled January roster of fixes. Only one is labeled Critical by the Redmond, Wash.-based developer.

The most serious of the three bulletins affects Microsoft Internet Security and Acceleration (ISA) Server 2000 and, because that software is part of both the Small Business Server 2000 and Small Business Server 2003 packages, those products as well.

A vulnerability in the H.323 filter in ISA Server 2000 might let an attacker create a buffer overflow in the Microsoft Firewall Service, which is integral to ISA. By using the buffer overflow, attackers could introduce other code to the server and gain complete control over the system, said Microsoft.

H.323, a protocol used in voice over IP (VoIP) telephony and video conferencing applications to deliver audio and video, is at the root of a number of VoIP vulnerabilities, and not just in Microsoft's wares, according to e-mail alerts Tuesday from several security firms including Symantec and Internet Security Systems (ISS).

The University of Oulu, based in the Finnish city of Oulu at the northern end of the Gulf of Bothnia, developed a suite of test tools that targeted H.323-based applications by sending unusual or improper call signaling messages, and first spotted the problem. Testing by ISS confirmed Tuesday that a wide range of vendors' products -- Microsoft included -- are vulnerable to possible exploit. Among them are Cisco's Internetwork Operating System (IOS); Nortel's Business Communication Manager and its 802.11 Wireless IP Gateway; and Tandberg videoconferencing end points.
