Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2005 > Microsoft - Vulnerability in Plug and Play (899588) Update

August 2005

Microsoft - Vulnerability in Plug and Play (899588) Update

ID: 00698
Ref: 645/05
Date: 17 August 2005:13:59:26
Version: 1
Title: Microsoft - Vulnerability in Plug and Play (899588) Update
Abstract: Reason For Update: August 16, 2005: Advisory has been updated to document additional information about variations of Worm:Win32/Zotob.A and additional information about the ongoing investigation.
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft

Title
=====
Microsoft - Vulnerability in Plug and Play (899588) Update


Detail
======

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: August 16, 2005
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Security Advisory (899588)

- Title: Vulnerability in Plug and Play Could Allow Remote Code
Execution and Elevation of Privilege (899588)

- Reason For Update: August 16, 2005: Advisory has been updated
to document additional information about variations of
Worm:Win32/Zotob.A and additional information about the
ongoing investigation.

- Advisory Web site: http://go.microsoft.com/fwlink/?LinkId=51237

- Bulletin Web site: http://go.microsoft.com/fwlink/?LinkId=48900


Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
valuable information to help you protect your network. This
newsletter provides practical security tips, topical security
guidance, useful resources and links, pointers to helpful
community resources, and a forum for you to provide feedback
and ask security-related questions.
You can sign up for the newsletter at:

http://www.microsoft.com/technet/security/secnews/default.mspx

* Microsoft has created a free e-mail notification service that
serves as a supplement to the Security Notification Service
(this e-mail). The Microsoft Security Notification Service:
Comprehensive Version. It provides timely notification of any
minor changes or revisions to previously released Microsoft
Security Bulletins and Security Advisories. This new service
provides notifications that are written for IT professionals and
contain technical information about the revisions to security
bulletins. To register visit the following Web site:

http://www.microsoft.com/technet/security/bulletin/notify.mspx

* Protect your PC: Microsoft has provided information on how you
can help protect your PC at the following locations:

http://www.microsoft.com/security/protect/

If you receive an e-mail that claims to be distributing a
Microsoft security update, it is a hoax that may be distributing a
virus. Microsoft does not distribute security updates through
e-mail. You can learn more about Microsoft's software distribution
policies here:

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx

********************************************************************
THE INFORMATION PROVIDED IN THE THIS EMAIL IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBQwKyEoreEgaqVbxmAQIHmRAAkd/oLjj7XU5Pbs7i4qPvwy1fobHt4sdf
3AAMBnLZ5b2TDndQUXjLVvJWdLaAZJ3sAnAGV2GqZ9vS0BDqhbpKdhuzIHTJVUyr
uMBK15LfHe/jQtUJM0zFsAJcSqVVVb55Q6Gu41U3MndNt/vJvjVdCzylar+tioQU
0zEs8ZAxtas0OaOxtHgNPAMaMrDW49ypAwzpPXl+Wyy3KL2Cw9ID8BZAKEgdmrdE
BHfbAlMLMRk8j+Y9AjEa3GoNAJxZ71dH3S6x80CwjNEpTo6SrKUL6wReLgeuckGs
lBnx5gkOZ0d3C5jbhdyaIZCNP2Nl7/P9CCa7nbhnxheCQsZzf81gxJVtTSmX7Cfc
V7td7xmTlVDs0mC29HfDppgvWTE4pmeesu9WyQ0aZiEDKP4RxK31Fuyx2Yhamppn
iOXa/JW2QM3Jhbp61Z1tyl9bInG/HP1iU8wt6IMylJnq5LBv8ayP/0VX/EL8q75o
m+g1ep43XynYRqZCZsCnYe5Li5w8tNWD7jScuzk5+xQlLsgNwhVagdqG0yYFkxcs
KYGIsB6U+Nq+dEXunEEj+mHUVeXU5FUqxpsMi+uSWA3+8RAb+zmTNTeNHnmmkLOo
a7S7FH3a9t6jd2gxHR3t0PALsaOS20q+wi/oMFAAmrLy7BwWc9PzqvTzWNbNcfIc
h8sXNgFgbo8=
=kC4F
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |