SANS Releases Quarterly Update to List of Critical Security Updates

The SANS Institute this week provided its first quarterly update to its closely watched annual list of the most dangerous Internet threats.

New vulnerabilities on the SANS Institute Top 20 Most Critical Internet Vulnerabilities List include seven flaws affecting Microsoft products and problems with products from Computer Associates, Oracle, antivirus companies and media player companies.

Until now, the SANS Institute has updated its list only once a year, each October. According to the organization, the first three months of 2005 alone brought more than 600 new Internet security vulnerabilities.

"Threats are evolving at a much faster rate, necessitating regular updates to the list to ensure organizations have the most current information possible on critical security vulnerabilities," said Qualys CTO Gerhard Eschelbeck, a member of the industry and government team that collaborated with SANS to compile the quarterly update.

To make the list, a vulnerability has to affect large numbers of users, be unpatched on many systems, allow an unauthorized user to take over a system remotely and have enough information in the public domain for attackers to exploit it.

New problems with Microsoft products meeting those criteria involve the Windows License Logging Service, Microsoft Server Message Block, Internet Explorer, two ActiveX controls, cursor and icon handling and PNG file processing. All the flaws have Microsoft patches available, although the SANS Institute is concerned that the patches aren't generally applied.

Another problem that affects many platforms, including Windows NT and Windows 2000 prior to Service Pack 3, is the DNS cache poisoning vulnerability, which lets an attacker plant bogus records in a resolver's cache so that lookups for legitimate domain names are redirected to servers the attacker controls.
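As an added example that is not part of the original article, the following PowerShell snippet checks the one Windows DNS Server setting that governs this exposure, the "secure cache against pollution" option stored as the SecureResponses registry value (a value of 1 enables it). It assumes it is run locally on the DNS server with administrative rights; the key path and value name are Microsoft's documented ones, and the remediation lines are left commented out.

```powershell
# Added example, not from the article: audit the DNS Server cache-pollution setting.
# Assumes local administrative rights on a Windows DNS server.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
$prop = Get-ItemProperty -Path $key -Name SecureResponses -ErrorAction SilentlyContinue

if ($null -eq $prop) {
    # Value absent: the server falls back to the build's default, which the
    # article notes is unsafe on Windows NT and Windows 2000 before SP3.
    Write-Output "SecureResponses not set; server is using the build default"
}
elseif ($prop.SecureResponses -eq 1) {
    Write-Output "Cache pollution protection is enabled"
}
else {
    Write-Output ("Cache pollution protection is DISABLED (SecureResponses={0})" -f $prop.SecureResponses)
}

# Remediation (uncomment to apply; creates the value if it is missing).
# The DNS service must be restarted for the change to take effect.
# Set-ItemProperty -Path $key -Name SecureResponses -Value 1 -Type DWord
# Restart-Service -Name DNS
```

On current Windows Server builds the same setting is exposed as the EnablePollutionProtection property of Get-DnsServerCache and can be set with Set-DnsServerCache -PollutionProtection $true; the registry check above is the one that also works on the older builds the article names.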

Outside the Microsoft platform, SANS called attention to buffer overflows in Computer Associates License Manager and server compromise opportunities in many Oracle products that were patched in the company's Jan. 18 Critical Patch Update.

Product categories hit by major buffer overrun flaws in the first quarter included antivirus products from Symantec, F-Secure, Trend Micro and McAfee, and media players including RealPlayer, Apple iTunes, Helix Player and WinAmp.

The SANS Institute list, which includes links to details of the flaws and patches, is published on the SANS Institute web site.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.
