Got NT? Better Have Extended Support or a Good Firewall Too!

Windows NT systems contain a critical vulnerability for which a patch is available -- if you have a extended support contract. Microsoft released a bulletin (MS05-011) on February 8 regarding an flaw in Server Message Block (SMB) where a remote intruder could take complete control of an affected system.

Windows NT users who have extended support contracts can get the patch from Microsoft, however other NT users must mitigate the problem in some other way. Systems can be protected to some extent by blocking ports 139 and 445 at border firewalls. Further protection can be gained by using a host-based firewall on affected NT systems.

An interesting aspect about this vulnerability is that Microsoft makes no mention of Windows NT in their bulletin. However they do mention that Windows 98 and Windows Me are not vulnerable. News of NT's vulnerability came from eEye Digital Security in a message posted to the NTBugTraq mailing list .

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish