Microsoft VM for Windows at risk of malicious code

By Alun Williams

Posted on 11 Apr 2003 at 12:23

Microsoft has issued a 'critical' warning over its Java Virtual Machine.

A vulnerability has been found in the VM's ByteCode Verifier. When a Java applet is being loaded it doesn't correctly check for the presence of possible malicious code.

The vulnerability means that a Website containing a specially crafted applet could modify files and running programs on your computer.

All Windows machines with the Microsoft VM installed are affected, and the VM is shipped with most versions of Windows. To find out if you are affected, type jview at a command prompt. If the command is not recognised, you do not have the Microsoft VM on your computer.

You can download the necessary patch from the Microsoft TechNet Web site.

Another security update issued by Microsoft involves a flaw in the Winsock Proxy service in Microsoft Proxy Server 2.0, and the Microsoft Firewall service in ISA Server 2000. It allows an attacker on an internal network to send a specially crafted packet that would cause the server to stop responding to internal and external requests. The effect of receiving such a packet would be to cause CPU usage on the server to reach 100 per cent.

There are mitigating factors that make this an 'important' update rather than a critical one. These include the fact that the vulnerability doesn't enable an attacker to gain any privileges on an affected Proxy Server 2.0 or ISA Server. It is strictly a denial of service threat.

You can download an update for this issue from Web site