Microsoft Confirms DoS Vulnerability in ISA Server 2000

Microsoft Corp. this week acknowledged a security vulnerability in its first security product for the enterprise, Internet Security and Acceleration (ISA) Server 2000.

A flaw in ISA Server 2000's Web Proxy service makes it vulnerable to internal, and in some cases external, Denial of Service (DoS) attacks.

Microsoft issued a patch for the vulnerability earlier this week. The problem was reported by a security team at FSC Internet Corp.

The vulnerability is unlikely to affect many users, since ISA Server has only been generally available since mid-February. ISA Server combines a Web proxy server, which replaces Proxy Server 2.0, with an enterprise firewall.

The flaw occurs because ISA's Web Proxy service improperly handles Web requests that exceed a particular length. Processing such a request triggers an access violation, which causes the Web Proxy service to fail.

A server struck by a DoS attack exploiting the vulnerability would not need to be rebooted, and all ISA services other than Web Proxy would continue working normally. Only the Web Proxy service would need to be restarted.

Any internal user could initiate the DoS attack unless the patch is installed. External Internet users could only exploit the vulnerability if the Web Publishing service, which is disabled by default, is turned on.

According to Microsoft, the vulnerability will not allow malicious users to escalate their privileges or bypass the firewall.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.
