Net Progress Category
Patch Available to Re-enable Personal Firewall
Last week, BugNet reported an incompatibility between Windows 2000 Service Pack 1 and ZoneAlarm. After more testing with KeyLabs, BugNet was able to identify another personal firewall product that fell victim to Microsoft’s update for Windows 2000. BlackICE Defender users were surprised to find their TCP/IP filtering down for the count after installing SP1. Fortunately, Network ICE was quick to release a patched version that eliminates the SP1 incompatibility.
Key Vulnerability Hits PGP
Testing at KeyLabs has verified a security vulnerability that has been discovered in Network Associates PGP (Pretty Good Privacy) encryption program. Giving rise to some “I told you sos”, the vulnerability happens because of a feature added to let certain third-parties read your encrypted mail.
The problem was found by German researcher Ralf Senderek, and has been circulated by CERT, and acknowledged by Network Associates. It affects PGP 5.5.x through PGP 6.5.3 for Windows 95, 98, NT, and 2000.
Encryption in PGP works via a mathematical formula using a private key and a public key. The public key is known to others, and is usually made available through public sources. The problem is due to the introduction of another type of key, called an Additional Decryption Key (ADK). These ADKs were the solution that PGP used for key escrow, which provides a means for someone else, like your company or the FBI, to read your encrypted mail.
Hotmail Users Need to Update Browser
For many people, the axiom, “If it ain’t broke, don’t fix it”, is their modus operandi. With so many other things to worry about, updating a browser that seems to be working fine just isn’t a high priority. However, a recently discovered security bug in Hotmail may serve as a wakeup call to all Internet Explorer 4.x and 5.0 users. BugNet has verified a security vulnerability that would allow a malicious user to usurp control of someone else’s Hotmail account, allowing the hacker to read and to send e-mail from that account. Because this security hole can be thwarted by upgrading IE, we recommend that all Hotmail users verify that they are running the most current version of the Microsoft browser.
Telnet, the mainstay of remote management for decades, got a feature enhancement in Windows 2000 that might streamline the logon process, but could also expose user authentication credentials to a hacker. Microsoft has recently released a patch that eliminates a security vulnerability in Windows 2000 telnet client. The bug could allow a malicious user to trick an unsuspecting victim into automatically starting a telnet session with the hacker’s telnet server, thereby transmitting critical user authentication information to that server.
With the help of KeyLabs, BugNet was able to reproduce this bug that affects all Windows 2000 users. The vulnerability occurs because of a new authentication feature added to Windows 2000’s telnet.exe.
Pragma Systems Inc., an Internet software products developer for the Windows platform, recently released a patch for their telnet server for Windows NT/2000. The fix eliminates a denial of service (DoS) vulnerability that could cause an application crash if one of two different scenarios is met. The bug, originally reported by the Underground Security Systems Research organization (USSRBack), involves a buffer overflow memory problem in the remote execution daemon (rexecd.exe) in the Pragma Telnet Server. By hitting the server with a carefully constructed Internet packet, a malicious user could crash the Pragma telnet server, requiring the server administrator to restart the telnet server application, or, in some situations, to reboot the system.
With the testing out of the way, the time comes to implement your groupware system. With a little skill, roll-out can be smooth sailing because the implementation is phased, and you’re having the server do most of the work.
Do: Script the client installation and use application launcher to automatically push the client install to the desktop. Groupware client installations have several questions that affect the installed settings. Your users don’t need to answer those questions (or bother you with questions about how to answer them) if you script the install to do the work for them.
Here are some of the more dangerous, comic or widespread bugs affecting PCs right now, selected from among thousands of entries in the BugNet BugMaster Database.
Picture It! 2000
Microsoft says in Picture It! 2000 the steps for “Create a new folder” in the Catalog Help topic aren’t accurate. An existing folder can be cataloged, but creating a new folder in the Picture It! 2000 catalog isn’t possible.
Interesting things often happen when Microsoft releases a Service Pack. Of course, to BugNet, “interesting” means crippling incompatibilities, massive breakdowns, and lots of angry users.
To your good fortune, and our bad, Windows 2000 Service Pack 1 appears to have rolled out smoothly. The only exception seems to have been the problem with two firewall products, ZoneLabs ZoneAlarm, and Network ICE BlackICE Defender. After installing SP 1, ZoneAlarm users were unable to connect via TCP/IP, which crippled Internet and many network connections. Users of BlackICE found their system unprotected. Follow the links below for the full details on these two problems, and on how to get their fixes.
Both these problems were fixed rather quickly. Last minute changes to Microsoft’s Software Development Kit may have partly been the cause of these problems. The problem was also thoroughly dissected in the Microsoft.public.win2000.general newsgroup, with Microsoft bashers and defenders having a good time. Since lots of that talk is unsubstantiated (but fun) we will let you check that out on your own.
Service Pack 1 is a collection of bug fixes. Most important, it includes 17 security hot fixes that Microsoft has released this year. If you haven’t been diligent applying your security patches, SP 1 is a fast way to catch up. There are also many other bug fixes included. You can find the details on many of those in the BugNet database.
Update Your Recovery Console
One important troubleshooting feature of Windows 2000 is the Recovery Console. It is an alternative way to log on to a computer that won’t boot, giving you access to the Command Prompt and a number of DOS-like utilities for making repairs to a computer. It’s loosely equivalent to booting straight to DOS on an older generation Windows computer. These utility files are housed by default in your system drive’s \Cmdcons folder.
Microsoft points out that upgrading to Service Pack 1 does not update this folder. The only way to update your Recovery Console is to re-run the command that created it in the first place:
winnt32.exe /cmdcons
However, you must run this command from an integrated installation of Windows 2000 and Service Pack 1. This integrated installation is also called a slipstreamed installation. Here’s what you need to do to integrate:
- Either on your computer, or on a network distribution share, create a new folder, such as \win2kint.
- Take your original Windows 2000 CD-ROM, and copy all the contents to the \win2kint folder. You can do this by clicking and dragging via Windows Explorer, or any other way you would normally copy files.
- Next you need to put your Service Pack CD into your drive, and run Update.exe in slipstream mode. You can do it with this command:
  d:\i386\update\update.exe /s:c:\win2kint
  d: would be the drive letter for your CD-ROM, and c: would be the drive where you created the folder in step 1.
- Now go to your newly integrated folder, and run winnt32.exe /cmdcons
Uninstall Me
If you are one of the unlucky few that runs into problems with the Service Pack, Microsoft has built in a line of retreat. When you install the Service Pack, it creates its own uninstall information in a folder called $NTServicepackUninstall$. You can uninstall it the same way you would any other program. Go to the Control Panel, Add/Remove Programs. Select Windows 2000 Service Pack 1 from the list, and click Change/Uninstall. You can also do this from a command prompt.
- Click Start, Run
- Type cmd in the dialog, and click OK.
- At the command prompt, change your directory to \%systemroot%\$NtServicePackUninstall$\spuninst\
- Give this command: spuninst.exe
- Later, you can close the Command Prompt window by typing Exit
Hopefully, you won’t need this. Except for the firewall problem, this has been an uneventful Service Pack. Oh well, dull days for us mean happier computing for you.




