Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2005 > Microsoft - Vulnerability in Plug and Play (899588) Update

August 2005

Microsoft - Vulnerability in Plug and Play (899588) Update

ID: 00692
Ref: 641/05
Date: 16 August 2005:11:55:42
Version: 1
Title: Microsoft - Vulnerability in Plug and Play (899588) Update
Abstract: This Microsoft advisory has been updated to document additional variants of Worm:Win32/Zotob.A. Microsoft have also updated the advisory to document information about the impact of the RestrictAnonymous registry key
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft

Title
=====
Microsoft - Vulnerability in Plug and Play (899588)

Detail
======

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: August 15, 2005
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Security Advisory (899588)

- Title: Vulnerability in Plug and Play Could Allow Remote Code
Execution and Elevation of Privilege (899588)

- Reason For Update: Advisory has been updated to document
additional variants of Worm:Win32/Zotob.A. We have also updated
the advisory to document information about the impact of the
RestrictAnonymous registry key.

- Advisory Web site: http://go.microsoft.com/fwlink/?LinkId=51237

- Bulletin Web site: http://go.microsoft.com/fwlink/?LinkId=48900


Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
valuable information to help you protect your network. This
newsletter provides practical security tips, topical security
guidance, useful resources and links, pointers to helpful
community resources, and a forum for you to provide feedback
and ask security-related questions.
You can sign up for the newsletter at:

http://www.microsoft.com/technet/security/secnews/default.mspx

* Microsoft has created a free e-mail notification service that
serves as a supplement to the Security Notification Service
(this e-mail). The Microsoft Security Notification Service:
Comprehensive Version. It provides timely notification of any
minor changes or revisions to previously released Microsoft
Security Bulletins and Security Advisories. This new service
provides notifications that are written for IT professionals and
contain technical information about the revisions to security
bulletins. To register visit the following Web site:

http://www.microsoft.com/technet/security/bulletin/notify.mspx

* Protect your PC: Microsoft has provided information on how you
can help protect your PC at the following locations:

http://www.microsoft.com/security/protect/

If you receive an e-mail that claims to be distributing a
Microsoft security update, it is a hoax that may be distributing a
virus. Microsoft does not distribute security updates through
e-mail. You can learn more about Microsoft's software distribution
policies here:

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx

********************************************************************
THE INFORMATION PROVIDED IN THE THIS EMAIL IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBQwEAZoreEgaqVbxmAQIIFQ/8Cfj6D3XFWjRmXXRgZehcMaVpttZwmK9I
oIv7rgDTG2XPMnyi1HDMO9uvcW0y8Q+vnfUlA+NcJbIjVw5z8mo1H9uj7XfmKJpl
YIWzI4ARowKcTrZQli/V8M6X/wmj41sSugKWWuulw/PG2rUwHIZOQ+W9kNNZEDK5
SnFXeUUJEV9Vag+jeWOUSBOLsDH8nZZcqFV/x7StuZT+D09jWmLFCFaayGq45xBU
rrwHCawCi1bEpIIesYZmPhNjeP1iWbd8EeZ9Yy01sP0aJaRBPqED4S9vvgv92vf2
W+NMpLWk+yN2092RyvOFwO/ut9WV79chkVnHeFnXXvnbw4mzoqK+1LpHePaalgSf
s2ijZld+Bm9H1sEKmCV3w1sVY0+k6KEIjt9OJDxl50i+8BHJToZhNHSoHLwxVyPC
iqOyW5WqTF0m1nATrwfehXv8y0UUFU+g+i/1ZyOyYCKrzxSZlof3dwXDEw9Omk3B
AWJfhswLJrT5drVLVZ68xFxzPTCLnm2Z8jmbZWKUTwnCU4Gx1sYzeMZUCxEy7wOP
ketfv/ysNp+IeUCTwVwOx4A/Aet4dnK3gBOU5eVivvZuYf3pf/hlIewF8eB1ucS/
TjPS6MVl16dA4q+ZLwrXKr94KGHuuZwY5oOK040Mg1QYW1HgGplXGvWlBUW4tZ40
GCiuCrt1J1E=
=oUXq
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |