main

Microsoft Security Bulletin MS04-020: Vulnerability in POSIX

Unknown   on 10 August 2004 - 19:20 · 13 comments & 1147 views

Advertisement (Why?)
Overview
This bulletin has been re-released to reflect an additional affected product - Microsoft INTERIX 2.2. The vulnerability (in POSIX) could allow priviledge elevation which could lead to total control of the system if exploited successfully. We advise that users should check the list of the affected software to make sure that proper updates (if required) has been installed.

Affected Software
  • Microsoft INTERIX® 2.2
  • Microsoft Windows NT® Workstation 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Service Pack 6a
  • Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
  • Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4

    System Requirements
    Supported Operating Systems: Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows NT

    Download: Microsoft Security Bulletin MS04-020: Vulnerability in POSIX Could Allow Code Execution


    • Instructions
    Click the Download button in the upper right-hand corner of this page to start the download.
    Do one of the following:
    To start the installation immediately, click Open or Run this program from its current location.
    To copy the download to your computer for installation at a later time, click Save or Save this program to disk.

    Share this Article

    About the Author

    Full name: Unknown
    User name:
    Contact: via forum PM
    Submissions: View All
    More: View Profile

    Related news

    Post a comment · Send to friend Comments · There are 13 additional comments
    #1 xStainDx on 10 Aug 2004 - 19:38
    um...this is old (July 13th)......
    (2 replies) #2 madhon on 10 Aug 2004 - 19:43
    V1.0 (July 13, 2004): Bulletin published

    V2.0 (August 10, 2004): Updated to reflect an additional affected product - Microsoft INTERIX 2.2


    not old at all
    #2.1 xStainDx on 10 Aug 2004 - 20:36
    ahhh
    #2.2 configure on 11 Aug 2004 - 02:32
    It has been re-released to cover the affect on MS INTERIX 2.2
    #3 Dezekiel on 10 Aug 2004 - 20:18
    Good thing i removed posix support to save memory from my XP Home
    #4 Sushubh on 10 Aug 2004 - 20:49
    Instructions
    Click the Download button in the upper right-hand corner of this page to start the download.

    That is a google ad
    (2 replies) #5 IceDogg on 10 Aug 2004 - 20:59
    what is Posix anyway? sorry for noob question.
    #5.1 Jugalator on 10 Aug 2004 - 21:06
    A set of standards to make it easier to port applications among UNIX environments.
    Stuff like some standardized C libraries, etc.

    However, other OS'es than *nix can have POSIX support implemented as well. (like Win NT-based ones )
    #5.2 IceDogg on 10 Aug 2004 - 21:08
    Hey, thanks a lot my friend
    #6 L0KI on 11 Aug 2004 - 10:53
    call me a newb but wtf is Microsoft INTERIX... never heard of this one!
    (1 reply) #7 mrbester on 11 Aug 2004 - 11:17
    OK, all neowinians who actually use (INTER|POS)IX please sign in. Why isn't there an easy way to get rid of this crap (like the OS/2 subsystem, who uses that?) without registry hacking, arbitrary file deletion and service disabling?
    #7.1 madhon on 11 Aug 2004 - 13:19


    for people using 2000 you can delete the os2 and posix subsystems as follows, windows xp dosnt include the os2 or posix subsystems so nothing needs to be done on xp.

    Remove the OS/2 and POSIX Subsystems
    If you are not using these subsystems (and people rarely do), removing them may improve performance and also closes a potential security risk.

    To remove the OS/2 and POSIX subsystems:
    1. Delete the winntsystem32os2 directory and all of its subdirectories.
    2. Use the Registry Editor to remove the following registry entries:

    Key:
    HKEY_LOCAL_MACHINE - SOFTWARE

    Subkey:
    Microsoft - OS/2 Subsystem for NT

    Entry:
    delete all subkeys


    --------------------------------------------------------------------------------

    Key:
    HKEY_LOCAL_MACHINE - SYSTEM

    Subkey:
    CurrentControlSet - Control - Session Manager - Environment

    Entry:
    Os2LibPath

    Value:
    delete entry


    --------------------------------------------------------------------------------

    Key:
    HKEY_LOCAL_MACHINE - SYSTEM

    Subkey:
    CurrentControlSet - Control - Session Manager - SubSystems

    Entry:
    Optional

    Values:
    delete entry


    --------------------------------------------------------------------------------

    Key:
    HKEY_LOCAL_MACHINE - SYSTEM

    Subkey:
    CurrentControlSet - Control - Session Manager - SubSystems

    Entry:
    delete entries for OS2 and POSIX




    The changes take effect the next time the computer is started. You might want to update the emergency repair disk to reflect these changes.


    **edit ***
    dammit cant put the slash character into the registry paths
    #8 darkmark327 on 11 Aug 2004 - 15:55
    Wow, this is a first, an NT-based vulnerability that excludes XP.

    If only because it lacks the functionality

    Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

    Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

    Advertisement (Why?)
    News powered by Neowin Management System (Build - 5.0.899) © 2000 - 2008 Neowin.net