Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2005 > Microsoft - Vulnerability in Plug and Play (899588) Update

August 2005

Microsoft - Vulnerability in Plug and Play (899588) Update

ID: 00678
Ref: 627/05
Date: 12 August 2005:17:04:38
Version: 1
Title: Microsoft - Vulnerability in Plug and Play (899588) Update
Abstract: Reason For Update: Release of Exploit code targeting Windows 2000
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft

Title
=====
Microsoft - Vulnerability in Plug and Play (899588) Update


Detail
======

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: August 11, 2005
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Security Advisory (899588)

- Title: Vulnerability in Plug and Play Could Allow Remote Code
Execution and Elevation of Privilege (899588)

- Reason For Update: Release of Exploit code targeting Windows 2000

- Advisory Web site: http://go.microsoft.com/fwlink/?LinkId=51237

- Bulletin Web site: http://go.microsoft.com/fwlink/?LinkId=48900



Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
valuable information to help you protect your network. This
newsletter provides practical security tips, topical security
guidance, useful resources and links, pointers to helpful
community resources, and a forum for you to provide feedback
and ask security-related questions.
You can sign up for the newsletter at:

http://www.microsoft.com/technet/security/secnews/default.mspx

* Microsoft has created a free e-mail notification service that
serves as a supplement to the Security Notification Service
(this e-mail). The Microsoft Security Notification Service:
Comprehensive Version. It provides timely notification of any
minor changes or revisions to previously released Microsoft
Security Bulletins and Security Advisories. This new service
provides notifications that are written for IT professionals and
contain technical information about the revisions to security
bulletins. To register visit the following Web site:

http://www.microsoft.com/technet/security/bulletin/notify.mspx

* Protect your PC: Microsoft has provided information on how you
can help protect your PC at the following locations:

http://www.microsoft.com/security/protect/

If you receive an e-mail that claims to be distributing a
Microsoft security update, it is a hoax that may be distributing a
virus. Microsoft does not distribute security updates through
e-mail. You can learn more about Microsoft's software distribution
policies here:

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx

********************************************************************
THE INFORMATION PROVIDED IN THE THIS EMAIL IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBQvvrAoreEgaqVbxmAQIB9A/8Dl4nbI3/xPeH7lYh9NjrPGIF3zKpiJNE
tYU3PHxMVGqHkpvX7CtCGGnbcgN9oVzWSzLfSll2WcBxKB44l74DpDVV1M45tjmY
aGxLWU/QEFjyNyKGhp4ez4CYEvV4whLKFqVUeMbF8te9XvIaPFeFS/2RGZyiB7U/
Az+rFpQ0MA+oiEJzsueJnQ4vLWEBdC18IpfgYSFAfKBdn2YB89feigAOsS3quc99
S6OZ1vQkWv9RAJZvCc2zCf9PVTS198YXzDQpkwh6ZSEoGCIcGVxX7xwBM5ZKSFcv
OroBzaFir/4E/3R7TnaVSO8h9X8GpZ8gTpMtqFns4m7oXmvtjshD2M0cqKGxydoa
8GnI76CuTQ+InsU6x5eQtmoihDWDMPcg3D93O0+DqMAIcyJjCjSfzSitgR2V9N00
CjfD79NLZ1hLir2RvAV3Jh0IGMlsbcyi1u1yLVuRSl9+4hRmj0XOQVUMhGRu/Jei
nYUrt5tkw68wwqLNcdFbjkBZlWnqwnGeYfAN2LiigN+MVS/R60WMVIby3LE1qgkI
7KKnTZbXmhIJZ27K+RY6FQu76nKY0nO4NZkyVrzA5xR+fGU0SygwhBetrR0mib2G
R6aJliX11sltV8g3Mv3TTQRr+7ehIK/kptlxMb4KmA/u3lftaLXjSICC5l0BmtgX
doOtt5dkppc=
=xnYi
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |