=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN720
_____________________________________________________________________

DATE                      : 18/11/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP.

======================================================================

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: November 16, 2005
********************************************************************

Security Advisory Released Today
==============================================

* Security Advisory (911052)

   - Title:  Memory Allocation Denial of Service via RPC

   - Web site: http://go.microsoft.com/fwlink/?LinkId=56473

- From the Microsoft Website
==========================

Microsoft is aware of public reports of proof-of-concept code that seeks to
exploit a possible vulnerability in Microsoft Windows 2000 Service Pack 4 and
in Microsoft Windows XP Service Pack 1. This vulnerability could allow an
attacker to levy a denial of service attack of limited duration.

On Windows XP Service Pack 1, an attacker must have valid logon credentials
to try to exploit this vulnerability. The vulnerability could not be
exploited remotely by anonymous users. However, the affected component is
available remotely to users who have standard user accounts. Customers who
have installed Windows XP Service Pack 2 are not affected by this
vulnerability. Additionally, customers running Windows Server 2003 and
Windows Server 2003 Service Pack 1 are not affected by this vulnerability.

Microsoft is not aware of active attacks that use this vulnerability or of
customer impact at this time. However, Microsoft is actively monitoring this
situation to keep customers informed and to provide customer guidance as
necessary.

Microsoft is concerned that this new report of a vulnerability in Windows 2000
Service Pack 4 and Windows XP Service Pack 1 was not disclosed responsibly,
potentially putting computer users at risk. We continue to encourage
responsible disclosure of vulnerabilities. We believe the commonly accepted
practice of reporting vulnerabilities directly to a vendor serves everyone's
best interests. This practice helps to ensure that customers receive
comprehensive, high-quality updates for security vulnerabilities without
exposure to malicious attackers while the update is being developed.

We continue to encourage customers to follow our Protect Your PC guidance of
enabling a firewall, getting software updates, and installing antivirus
software Customers can learn more about these steps by visiting Protect
Your PC Web site.

Mitigating Factors
==================
	
On Windows XP Service Pack 1 an attacker must have valid logon credentials to
try to exploit this vulnerability. The vulnerability could not be exploited
remotely by anonymous users. However, the affected component is available
remotely to users who have standard user accounts. In certain configurations,
anonymous users could authenticate as the Guest account. For more information,
see Microsoft Security Advisory 906574.
	
Customers who are running Windows XP Service Pack 2, Windows Server 2003 and
Windows Server 2003 Service Pack 1 are not affected by this vulnerability.

Firewall best practices and standard default firewall configurations can help
protect networks from attacks that originate outside the enterprise perimeter.
Best practices recommend that systems that are connected to the Internet have
a minimal number of ports exposed.

Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Additional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
   valuable information to help you protect your network. This
   newsletter provides practical security tips, topical security
   guidance, useful resources and links, pointers to helpful
   community resources, and a forum for you to provide feedback
   and ask security-related questions.
   You can sign up for the newsletter at:

   http://www.microsoft.com/technet/security/secnews/default.mspx

* Microsoft has created a free e-mail notification service that
   serves as a supplement to the Security Notification Service
   (this e-mail). The Microsoft Security Notification Service:
   Comprehensive Version. It provides timely notification of any
   minor changes or revisions to previously released Microsoft
   Security Bulletins and Security Advisories. This new service
   provides notifications that are written for IT professionals and
   contain technical information about the revisions to security
   bulletins. To register visit the following Web site:

   http://www.microsoft.com/technet/security/bulletin/notify.mspx

* Protect your PC: Microsoft has provided information on how you
   can help protect your PC at the following locations:

   http://www.microsoft.com/security/protect/

   If you receive an e-mail that claims to be distributing a
   Microsoft security update, it is a hoax that may be distributing a
   virus. Microsoft does not distribute security updates through
   e-mail. You can learn more about Microsoft's software distribution
   policies here:

http://www.microsoft.com/technet/security/topics/policy/swdist.mspx

********************************************************************
THE INFORMATION PROVIDED IN THE THIS EMAIL IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================