Microsoft's Environment Analysis
NT2580
Homework
Week 2
Microsoft Environment Analysis
1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
CVE-2010-321
CVE-2010-1886
CVE-2010-0255
CVE-2009-3103
CVE-2010-0817
2. Does any vulnerability involve privilege elevation? Is this considered a high-priority issue?
CVE-2010-0817 and CVE2010-1886 are the only ones listed that involve privilege elevation and are not considered a high-priority issue.
3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 977981
Solution: this security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose account are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 979352
Solution: this security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 954157
Solution: this update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the Internet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec
Homework
Week 2
Microsoft Environment Analysis
1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
CVE-2010-321
CVE-2010-1886
CVE-2010-0255
CVE-2009-3103
CVE-2010-0817
2. Does any vulnerability involve privilege elevation? Is this considered a high-priority issue?
CVE-2010-0817 and CVE2010-1886 are the only ones listed that involve privilege elevation and are not considered a high-priority issue.
3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 977981
Solution: this security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose account are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 979352
Solution: this security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 954157
Solution: this update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the Internet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec