Sunday, November 10, 2019
Microsoft Environment Analysis Essay
Microsoft Environment Analysis Writing Assignment 1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them. a. 2401593 CVE-2010-3213 b. 2264072 CVE-2010-1886* c. 980088 CVE-2010-0255 d. 975497 CVE-2009-3103 e. 98343 CVE-2010-0817* 2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue? a. Only two from the five listed in question one are privileged elevation and identified by the asterisk alongside the CVE number. They are of importance but not considered a high priority issue as asked. 3. Identify and document at least three vulnerabilities and the solutions related to the client configurations. a. Advisory Number: 977981Ã a.i. Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights b. Advisory Number: 979352 b.i. Solution: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. c. Advisory Number: 954157 c.i. Solution: The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function. Works Cited Microsoft Security Advisory. (2009, December 8). Retrieved March 31, 2012, from Microsoft Security Adivosry 954157: web Microsoft Security Advisory. (2010, January 14). Retrieved March 31, 2012, from Microsoft Security Advisory 979352: web
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.