|
|
|
Critical Update for Microsoft Firewall
Attackers can get system level access
by George Milner
Microsoft has released a patch for its firewall product, Internet Security and Acceleration (ISA) Server 2000. The vulnerability affects the ISA Server's H.323 filter used to allow multimedia over networks. Attackers can exploit this flaw to gain system level access. Because Microsoft enabled the H.323 filter by default, most users are at high risk for this form of attack.
A patch is available and should be applied as soon as possible. If immediate installation is delayed, Microsoft has suggested disabling the H.323 filter.
To disable the H.323 filter:
Open ISA management tool.
Expand the Extensions container
Expand the Application Filters container
Select the H.323 Filter and then click "Disable"
Restart the Microsoft Firewall Service Windows Components.
The problem with this solution is that it will also block multimedia traffic so the best solution will be to apply the patch.
FOR MORE INFORMATION:
VoIP vulnerability could leave networks exposed
Microsoft security bulletin MS04-001
Microsoft security bulletin MS04-002
Microsoft security bulletin MS04-003
First published on BankersOnline.com 01/15/04
Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.
|
|
|
|
Print Friendly!
Email This Article!
Discuss NOW!