3rd Microsoft Patch Available for SNMP Hole
- By Scott Bekker
- March 12, 2002
Microsoft Corp. notified customers late Monday that a third patch is available to protect Windows platforms from the industry-wide SNMP security vulnerability. This time the patch covers Windows NT Terminal Server 4.0.
The security organization CERT/CC issued a broad alert in mid-February detailing threats to numerous operating systems, software and hardware spanning the industry.
Microsoft's SNMP service is not installed or running by default in any operating system, but it can be turned on in all current operating systems except Windows ME.
Shortly after the CERT/CC bulletin went out, Microsoft issued its own security bulletin offering a workaround for customers with a need to have SNMP enabled. At the time Microsoft promised to issue patches for its various operating systems as soon as it could develop them.
The Windows 2000 and Windows XP patches were available the same week as the first alert. A general Windows NT 4.0 patch became available last week.
Microsoft is still working on patches for the Windows 95, Windows 98 and Windows 98 SE operating systems.
SNMP or Simple Network Management Protocol is for managing network devices, so the vulnerability affects computers, firewalls, routers and other products. A buffer overrun present in all implementations, can allow an attacker to cause denial of service or run code in LocalSystem context. Microsoft classifies the SNMP vulnerability as a low risk on affected Internet servers, a moderate risk on affected intranet servers and a moderate risk on affected client systems.
The security bulletin and patches can be accessed here:
Scott Bekker is editor in chief of Redmond Channel Partner magazine.