Don't be a Victim! Make Sure You're Protected Against Commonly-Exploited Vulnerabilities!

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

This week, the FBI's National Infrastructure Protection Center (NIPC) released an advisory discussing recent hacker penetrations of US e-commerce and e-banking systems. The advisory noted that more than 40 companies in 20 states have been attacked, and in some cases proprietary information including customer databases and credit card information has been stolen. In many cases, the hackers entered the systems via machines that had not been patched against known vulnerabilities.

Microsoft shares the FBI's and NIPC's concern regarding these attacks, and strongly urges customers to stay current on security patches. Microsoft is committed to providing customers with detailed information about vulnerabilities and how to protect against them. We have recently changed our security bulletin format to provide better, clearer information about vulnerabilities and the risk they pose, and we are delivering tools that will help customers ensure that their systems are up to date. However, only our customers can install the patches on their systems.

A handful of known vulnerabilities account for the vast majority of attacks against systems running Microsoft products. We recommend that all customers immediately review the following security bulletins and ensure that they have taken the appropriate actions.

  • MS99-025, Unauthorized Access to IIS Servers Through ODBC Data Access with RDS. (This bulletin was originally released in July 1998 as MS98-004, Unauthorized ODBC Access with RDS and IIS.)

  • MS00-014, SQL Query Abuse.

  • MS00-095, Registry Permissions. (This patch eliminates all of the registry permission issues discussed in MS00-008 as well as several additional ones.)

  • MS00-086, Web Server File Request Parsing. (This patch also eliminates the Web Server Folder Traversal vulnerability discussed in MS00-078.)

As a general practice, we recommend that customers do the following: