manunkind
December 16, 2000, 05:48 pm
Microsoft Security Bulletin (MS00-097)
Patch Available for “Severed Windows Media Server Connection” Vulnerability
Originally posted: December 15, 2000
Summary
Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows Media™ Services. The vulnerability could allow a malicious user to degrade the performance of a Windows Media server, possibly to the point where it could no longer provide useful service.
Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq00-097.asp
Issue
When a connection to a Windows Media server is made, then severed, using a particular sequence of TCP/IP packets, the Windows Media Unicast Service does not release all of the resources allocated to the connection. By repeatedly making and then severing connections in this manner, a malicious user could exhaust the resources on a server, thereby preventing it from providing streaming media services.
If an affected server were attacked via this vulnerability, the server operator could restore normal operation by restarting the Windows Media Service. Any sessions that were in progress would be lost, but users could immediately reconnect and resume normal use.
Affected Software Versions
Microsoft Windows Media Services 4.0
Microsoft Windows Media Services 4.1
Patch Availability http://www.microsoft.com/Downloads/Release.asp?ReleaseID=26470
Note: Windows Media Services 4.1 ships as part of Windows 2000, and the patch for Windows Media Services 4.1 can be applied atop Windows 2000 Gold or SP1. The fix will be incorporated into Windows 2000 SP3.
Note: Windows Media Services 4.0 does not ship as part of any other product. The patch for Windows Media Services 4.0 can be applied to any machine already running the product, and will not be included in any other product's future service packs.
Note Additional security patches are available at the Microsoft Download Center
------------------
Moderator at Help from Techs Support Forums (http://www.helpfromtechs.com)
Patch Available for “Severed Windows Media Server Connection” Vulnerability
Originally posted: December 15, 2000
Summary
Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows Media™ Services. The vulnerability could allow a malicious user to degrade the performance of a Windows Media server, possibly to the point where it could no longer provide useful service.
Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq00-097.asp
Issue
When a connection to a Windows Media server is made, then severed, using a particular sequence of TCP/IP packets, the Windows Media Unicast Service does not release all of the resources allocated to the connection. By repeatedly making and then severing connections in this manner, a malicious user could exhaust the resources on a server, thereby preventing it from providing streaming media services.
If an affected server were attacked via this vulnerability, the server operator could restore normal operation by restarting the Windows Media Service. Any sessions that were in progress would be lost, but users could immediately reconnect and resume normal use.
Affected Software Versions
Microsoft Windows Media Services 4.0
Microsoft Windows Media Services 4.1
Patch Availability http://www.microsoft.com/Downloads/Release.asp?ReleaseID=26470
Note: Windows Media Services 4.1 ships as part of Windows 2000, and the patch for Windows Media Services 4.1 can be applied atop Windows 2000 Gold or SP1. The fix will be incorporated into Windows 2000 SP3.
Note: Windows Media Services 4.0 does not ship as part of any other product. The patch for Windows Media Services 4.0 can be applied to any machine already running the product, and will not be included in any other product's future service packs.
Note Additional security patches are available at the Microsoft Download Center
------------------
Moderator at Help from Techs Support Forums (http://www.helpfromtechs.com)