R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Microsoft issues ISA Server patch

Three unrelated problems now fixed, says software giant.

John Geralds in Silicon Valley, vnunet.com 20 Aug 2001
ADVERTISEMENT

Microsoft has released a patch that fixes three unrelated flaws affecting its Internet Security and Acceleration (ISA) Server, part of the .Net Enterprise Server line.

The ISA Server, which provides networks with firewall protection from unauthorised access and external hacking attacks, also notifies network administrators of any suspicious activity.

Specifically, the patch addresses vulnerabilities in the ISA Server's Voice over IP (VoIP) capabilities, its Proxy service and error page generation.

The first flaw concerns a memory leak in the H.323 Gatekeeper service which allows VoIP traffic through a firewall. The second flaw, which can lead to denial of service attacks, is also a memory leak and could cause the server to slow down.

Microsoft said the problem in the software's Proxy service is made less serious because only an internal user can exploit it.

The third involves the way the ISA Server handles error messages about irretrievable web pages that could allow an attacker to gain access to cookies on both the server and user machines and to execute code.

The patch can be downloaded from Microsoft's website here.

Separately, the Redmond giant has released a patch to fix a flaw in an ActiveX control that could allow attackers to run destructive code on a user's computer.

The company had advised users on 12 July to disable ActiveX controls until the patch was made available. The defect was found in the Microsoft Outlook View Control that is installed with Outlook 98, 2000 and 2002.

See also:

Microsoft fixes faulty server patch
Microsoft has released a second version of a patch for its Exchange 2000 mail server software after some systems administrators claimed that the first fix, released last week, had crashed numerous email servers.  12 Jun 2001
Users warned over Microsoft patch
Users should not implement Microsoft's security patch for Outlook 2000, but wait until it issues another version.  23 May 2000
Microsoft prompted to produce patch
Microsoft is working on a patch for a new security flaw in Office 97, which could allow hackers to delete files or manipulate data.  02 Nov 1999

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Java, J2EE, Developer, Spring, Hibernate, London, city, Graduat
| Aston Carter
Java, J2EE, Developer, Spring, Hibernate, London, city, Graduate. This is an amazing opportunity to join a successful city based team working at the cutting edge of development. My client is looking for strong Java/J2EE developers ... more >
E-Commerce, Greenfield, Agile, Java, J2EE, , JavaScript, SQL, L
| Aston Carter
E-Commerce, Greenfield, Agile, Java, J2EE, , JavaScript, SQL, London, City Graduate This is an exceptional opportunity for a talented Java, J2EE developer keen to work in a successful development team within arguable the best agile ... more >
2nd Line Support Analyst - London - to£40k
| Rullion Computer Personnel Ltd
2nd Line Support Analyst London £35, 000 to £40, 500 My client is a global market leader in the Internet Applications Industry. The company is continually progressing and looking for areas of growth and this ... more >
Security Solution Architect
| Rullion Computer Personnel Ltd
Security Architect / Information Security Specialist – St Albans - Global Leader - Shine At The Highest Level Security Solution Architect / Information Security Architect required by renowned blue-chip organisation offering the finest security projects ... more >
More job opportunities
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Software engineer jobs
Inquirer Jobs Firmware developer jobs, Electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2009
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503