Blog: Vulnerability

HP printers are comonly detected in financial institution audits due to a vulnerable SSL version in use.  Many older models contain multiple vulnerabilities that cannot be fixed with firmware upgrades because the older printers are no longer supported.
 
Customers can use the HP WebJet Admin software to manage these printers through SNMP and disable the web server completely.  However make sure the SNMP community strings have been changed from the default "public" and "private".


 
 

On Thursday, October 23 2008, Microsoft released a critical out-of-cycle security update. This update addresses a vulnerability in the Windows server service that could allow remote code execution. Microsoft has rated this vulnerability Critical for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. This vulnerability has been rated Important for all supported editions of Windows Vista and Windows Server 2008.

The update addresses the vulnerability by correcting the way that the Server service handles RPC requests. Additional technical details on the vulnerability and update can be accessed at:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

As a best practice, RPC functionality should not be exposed directly to the Internet. However as a precaution, CoNetrix recommends applying the update available from Microsoft as soon as possible.

If you have any questions or need assistance with this update, please contact CoNetrix at support@conetrix.com or call (800) 356-6568.


 

On July 8, security researcher Dan Kaminsky announced he planned to reveal details about the DNS vulnerability (DNS cache poisoning) at Black Hat.  Since then, many technology vendors have provided patches to help fix the flaw.

Kaminsky has provided a "DNS Checker" self test on his website - see his personal blog at http://www.doxpara.com/