Critical Update for Microsoft Firewall
Attackers can get system level access
by George Milner
Microsoft has released a patch for its firewall product, Internet Security and Acceleration (ISA) Server 2000. The vulnerability affects the ISA Server's H.323 filter used to allow multimedia over networks. Attackers can exploit this flaw to gain system level access. Because Microsoft enabled the H.323 filter by default, most users are at high risk for this form of attack.
A patch is available and should be applied as soon as possible. If immediate installation is delayed, Microsoft has suggested disabling the H.323 filter.
To disable the H.323 filter:
The problem with this solution is that it will also block multimedia traffic so the best solution will be to apply the patch.
FOR MORE INFORMATION:
VoIP vulnerability could leave networks exposed
Microsoft security bulletin MS04-001
Microsoft security bulletin MS04-002
Microsoft security bulletin MS04-003
First published on BankersOnline.com 01/15/04
First published on 01/15/2004