Microsoft is patching up its software again, after it found four security vulnerabilities in several of its products – one of which was deemed "critical".
The most serious defect affects Windows XP, NT 4.0 and 2000. The problem is a buffer overrun flaw in the phone book of the RAS (remote access service) — a standard part of all three operating systems. This fault means an attacker could gain control over your PC or cause it to fail, according to Microsoft.
To carry out an attack, an attacker first has to change a RAS setting on the affected system, before connecting to the system using RAS. If the target system's settings restrict user access, it will not be at risk, Microsoft said.
More information on the RAS flaw can be found here.
The other problems are with Internet Information Server (IIS) 4.0 and 5.0, the web server components of Windows NT 4.0 and Windows 2000. An attacker could run arbitrary code on the system by exploiting a flaw in software that supports HTR scripting, an older and largely obsolete scripting language, Microsoft warned.
HTR has been part of IIS since version 2.0. It was never widely adopted because ASP (Active Server Pages), introduced in IIS 4.0, became popular before HTR use took off. Virtually the only use for HTR today is a web-based NT-password-managed service, Microsoft said, adding that it has long recommended customers to disable HTR functionality and convert scripts that are needed to ASP. The IIS Lockdown Tool offered by Microsoft disables HTR by default.
More information on this issue can be found here.
The final two vulnerabilities are in the SQLXML part of SQL Server 2000. SQLXML enables the transfer of XML (Extensible Markup Language) data to and from SQL Server 2000. The most serious of the flaws could allow an attacker to take over the machine running the database, Microsoft explained.
Microsoft's advice on this problem can be found here.