Microsoft traps NT Server vulnerability

By Alun Williams

Posted on 15 Aug 2003 at 11:33

Microsoft has reissued a Security Bulletin concerning a possible denial-of-service vulnerability for Windows NT server.

Bulletin MS03-029 addresses a flaw in a Windows NT 4.0 Server file management function. This can cause memory to be freed, which it does not actually own, when it receives a specially crafted request. The net result is that a memory fault that could cause the application passing the request to fail.

This was patched in a bulletin originally issued on 23 July 2003. Subsequently, however, issues emerged for systems that have the Remote Access Service (RAS) enabled on them. It seems RAS could fail when the system is rebooted after applying the patch. Microsoft is re-releasing the bulletin to reflect the updated patch.

The problem only has a severity rating of 'Moderate' because the default installation of NT 4.0 Server means the affected function is not accessible remotely, and the vulnerability cannot be used to cause Windows NT 4.0 Server itself to fail. Only the application that makes the request may fail.

Windows NT 4.0 Server and NT 4.0 Terminal Server Edition are the software affected. Note that Internet Information Server (IIS) 4.0, Microsoft Windows 2000, XP and Windows Server 2003 are unaffected by the problem

You can find more information on Microsoft's TechNet. Updates can be downloaded from Windows Update.