Just one of the three flaws is rated critical, the highest ranking Microsoft uses, while the other two were tagged as important and moderate, the next two steps in the company's four-stage scoring system.
MS08-001, the update that quashed two bugs in a trio of Windows' TCP/IP protocols, was the obvious pick for immediate deployment. "This is a classic kind of IP attack," said Andrew Storms, director of security operations at nCircle Inc. "All an attacker needs is a well-crafted multicast packet."
Amol Sarwate, the manager of Qualys Inc.'s vulnerability lab, agreed. "An attack doesn't require any user intervention," he said, "such as clicking on a link or opening an attachment. An attack only requires remotely-sent packets."
The three vulnerable protocols patched by the update include Internet Group Management Protocol (IGMP), Multicast Listener Discovery (MLD) and Internet Control Message Protocol (ICMP). The first two are used in over-IP multicasting -- the classic example of that one-to-many technology is a Webcast -- while the third, ICMP, is a maintenance protocol that manages more mundane things: network connectivity and routing.
Microsoft plugs 3 holes today
Posted on Tuesday, January 08 2008 @ 21:57 CET by Thomas De Maesschalck