Preview

Microsoft's Environment Analysis

Satisfactory Essays
Open Document
Open Document
293 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Microsoft's Environment Analysis
NT2580
Homework
Week 2
Microsoft Environment Analysis

1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
CVE-2010-321
CVE-2010-1886
CVE-2010-0255
CVE-2009-3103
CVE-2010-0817
2. Does any vulnerability involve privilege elevation? Is this considered a high-priority issue?
CVE-2010-0817 and CVE2010-1886 are the only ones listed that involve privilege elevation and are not considered a high-priority issue.
3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 977981
Solution: this security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose account are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 979352
Solution: this security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Advisory Number: 954157
Solution: this update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the Internet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec

You May Also Find These Documents Helpful

  • Satisfactory Essays

    NT2580 Lab 2

    • 385 Words
    • 2 Pages

    A CVE (Common Vulnerabilities and Exposures) are known vulnerabilities and also show you how to patch them. They are from the Mitre Corporation but are under contract for Homeland Security and NCSD.…

    • 385 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Lab10 worksheet

    • 1151 Words
    • 5 Pages

    The director of IT at Contoso, Ltd. wants to prevent the company’s Windows 7 users from modifying the default Internet Explorer configuration by installing additional software, such as add-ons and accelerators. She also wants to ensure that the company intranet pages, designed several years ago for a previous IE version, display properly in IE8. Finally, the director wants to ensure that all Internet browsing activity on the network is logged for later examination. Your job is to configure the appropriate Group Policy settings to implement these requirements in your GPO.…

    • 1151 Words
    • 5 Pages
    Good Essays
  • Good Essays

    Unit 2 Lan

    • 272 Words
    • 2 Pages

    Weekly tasks or assignments (Individual or Group Projects) will be due by Monday and late submissions will be assigned a late penalty in accordance with the late penalty policy found in the syllabus. NOTE: All submission posting times are based on midnight Central Time.…

    • 272 Words
    • 2 Pages
    Good Essays
  • Good Essays

    IS4560

    • 486 Words
    • 2 Pages

    7. Given that Apache and Internet Information Services (IIS) are the two most popular web application servers for Linux and Microsoft Windows platforms, what would you do to identify known software vulnerabilities and exploits?…

    • 486 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Lab 2 Instructions

    • 389 Words
    • 2 Pages

    1. What vulnerabilities exist for the workgroup LAN listed above based on the advisories? List five of them. Explain what could happen to the LAN for each.…

    • 389 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS 4560 Week 1

    • 309 Words
    • 2 Pages

    Web-based attacks – the increasing pervasiveness of Web browser applications along with increasingly common, easily exploited Web browser application security vulnerabilities has resulted in the widespread growth of Web-based threats. Attackers wanting to take advantage of client-side vulnerabilities no longer need to actively compromise specific networks to gain access to those computers. Instead, they can focus on attacking and compromising websites to mount additional, client-side attacks.…

    • 309 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Identify risks that could lead to an information security breach, Identify vulnerabilities in system security, software operation, network design or employee procedures that could lead to a network failure.…

    • 339 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    IS3220 Assignment 3

    • 980 Words
    • 4 Pages

    As part of the network security team, we will be proving IDI with a network security plan to mitigate the vulnerabilities that have been discovered. A secure site will be set up with network intrusion detection and network protection systems will be available to access via the internal network. Policies will be presented for remote access and the use of VPN. Also contained within this report will be strategies for hardening the network and mitigating risks. An updated network layout with increased network security to meet the current needs will be included.…

    • 980 Words
    • 4 Pages
    Good Essays
  • Powerful Essays

    NT 2580 Project Part 2

    • 2096 Words
    • 9 Pages

    Issue three. Based on the premise that there is a mix of computer running Windows 2000, Windows XP, Windows Vista, Windows 7, and Mac OS X, you must research and devise a plan to thwart malicious code and activity by implementing countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses, and other related forms of intentionally created deviant code.…

    • 2096 Words
    • 9 Pages
    Powerful Essays
  • Satisfactory Essays

    Lab #2

    • 402 Words
    • 2 Pages

    2. What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems…

    • 402 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS4560 Lab 1 Assessment

    • 292 Words
    • 1 Page

    13. To truly test the IT security team, if they know the attack is coming they can prepare for the attack.…

    • 292 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    A security breach has been identified within a small Microsoft workgroup LAN. The workgroup consists of three primary workgroups which contain group membership lists of users within the Active Directory infrastructure that currently exists on the SMB Server that is located within the confines of the LAN structure. The security breach, which is defined as any event that results in a violation of any of the CIA (confidentiality, integrity, availability) security principles, was caused by the SMB server being accessed by an unauthorized user due to a security hole that was detected by the server software manufacturer the previous day. The security patch will not be available until possible as long as three days, but hopefully within that timeframe. In addition, the LAN administrator needs at least one week (minimum) to download, test, and install the patch.…

    • 606 Words
    • 3 Pages
    Good Essays
  • Good Essays

    ISSC362 Week 2 Lab

    • 454 Words
    • 2 Pages

    Vulnerability MS08-067 is an exposure in Server Service that could allow remote code execution in an affected system. The operating systems affected are Microsoft Windows 2000, Windows XP, and Windows Server 2003.…

    • 454 Words
    • 2 Pages
    Good Essays
  • Better Essays

    Nt1330 Unit 1 Essay

    • 601 Words
    • 3 Pages

    The number two web based attack of 2009 was the Microsoft Internet Explorer ADODB.Stream Object file installation weakness. This exploit accounted for 18% of the total number of web based exploits for the year.This vulnerability allows hackers to install malicious files on a vulnerable computer when a user visits a website hosting an exploit. In…

    • 601 Words
    • 3 Pages
    Better Essays
  • Powerful Essays

    1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.…

    • 537 Words
    • 2 Pages
    Powerful Essays