Microsoft warns of virtual machine vulnerability

Microsoft warned users on Wednesday about two new security vulnerabilities affecting its Microsoft Virtual Machine, Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 products.

The Microsoft Virtual Machine (VM) contains a critical vulnerability that could allow a remote attacker to gain control of affected machines, according to security bulletin MS03-011. (See http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-011.asp.)

The vulnerability, in code for a VM process called the ByteCode Verifier, could enable an attacker to use illegal sequences of byte codes to bypass security checks in the software, Microsoft said.

The ByteCode Verifier process is responsible for checking code as it is being loaded into the Virtual Machine, the company said.

Attackers could launch an attack using a Java applet embedded in a Web page or HTML (Hypertext Markup Language) format e-mail message. Once compromised, a vulnerable machine could be used to run the attacker's code, though only with the permission of the active user account, Microsoft said.

The Microsoft Virtual Machine is a key component of all supported versions of the Windows operating system, including Windows 2000 and Windows XP. It is also shipped with the Internet Explorer Web browser and other Microsoft software, the company said.

Despite being widespread, the new vulnerability is of only limited utility to attackers, Microsoft said.

Recent releases of the Outlook and Outlook Express e-mail clients as well as security patches for older versions prevent Java applets embedded in e-mail messages from being launched. Barring an e-mail borne attack, users would have to be tricked into visiting a Web page that contains the embedded Java applet containing the Virtual Machine attack.

Microsoft issued a patch for the virtual machine, build 3810, and recommended that customers who are using earlier builds upgrade.

Meanwhile, the Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 vulnerability could enable an individual on an internal network or the Internet to launch a denial of service (DOS) attack against those products, preventing them from responding to internal and external requests, according to information released in Microsoft security bulletin MS03-012. (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-012.asp.)

The vulnerability, which Microsoft rated "important," affects the Winsock Proxy service on Proxy Server 2.0 and the Firewall service on ISA Server 2000. Both services redirect communications from Internet applications to the machines running Proxy Server 2.0 or ISA Server, creating a path to the Internet through those products, according to Microsoft.

A flaw in the way each service handles inbound requests from remote clients means that attackers could use a specially formatted request to cause the products to stop responding.

Despite the denial of service capability, however, attackers could not gain remote access to either the ISA Server 2000 or Proxy Server 2.0 machines, Microsoft said.

Customers using the affected products were encouraged to download and install a patch that repairs the affected services, removing the DOS vulnerability.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Roberts

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?