Unit 2 Assignment 2 Microsoft Environment Analysis

Daniel Ross
NT2580 Introduction to Information Security
ITT Technical Institute


1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.

   1. Microsoft Security Advisory (2264072) CVE-2010-1886: Elevation of privilege using Windows Service Isolation Bypass.
   2. Microsoft Security Advisory (2659883) CVE-2011-3414: Vulnerability in ASP.NET could allow Denial of Service.
   3. Microsoft Security Advisory (979352) CVE-2010-0249: Vulnerability in Internet Explorer could allow Remote Code Execution.
   4. Microsoft Security Advisory (2588513) CVE-2011-3389: Vulnerability in SSL/TLS could allow information disclosure.
   5. Microsoft Security Advisory (2638420) CVE-2011-3414: Vulnerability in .NET could allow Elevation of Privilege. CRITICAL.

2. Do any vulnerabilities involve privilege elevation? Is this considered a high-priority issue?

   Yes: Microsoft Security Advisory (2264072) CVE-2010-1886, Elevation of privilege using Windows Service Isolation Bypass, and Microsoft Security Advisory (2638420) CVE-2011-3414, Vulnerability in .NET could allow Elevation of Privilege. CRITICAL. They are high-priority issues.

3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.

   Advisory Number: 2757760
   Solution: This update will help to ensure the continued functionality of all software that was signed with a specific certificate that did not use a timestamp Enhanced Key Usage (EKU) extension. To extend their functionality, WinVerifyTrust will ignore the lack of a timestamp EKU for these specific X.509 signatures.

   Advisory Number: 2737111
   Solution: The security update addresses the vulnerabilities by updating the affected Oracle Outside In libraries to a non-vulnerable version. For more information about the vulnerabilities. This security update also addresses the vulnerabilities first described in Microsoft Security Advisory 2737111 for affected editions of Microsoft SharePoint Server 2010.

   Advisory Number: 2661254
   Solution: This update impacts applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function. These applications and services will no longer trust certificates with RSA keys less than 1024 bits in length. Examples of impacted applications and services include but are not limited to encrypted email, SSL/TLS encryption channels, signed applications, and private PKI environments. Certificates that use cryptographic algorithms other than RSA are not affected by this update. For more information about applications and services impacted by this update, see Microsoft Knowledge Base Article 2661254.
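Before deploying the update described for advisory 2661254, a workgroup administrator can check which installed certificates would stop being trusted. The PowerShell below is an added example, not part of the original assignment or of Microsoft's guidance; the function name `Get-WeakRsaCertificate` and the choice of stores to scan are assumptions.

```powershell
# Added example: list certificates in the local stores whose RSA public key is
# shorter than the 1024-bit minimum described for advisory 2661254.
# Assumption: the function name and default store list are illustrative only.
function Get-WeakRsaCertificate {
    [CmdletBinding()]
    param(
        # Minimum acceptable RSA key size in bits (1024 per the advisory text).
        [int]$MinimumBits = 1024,
        # Certificate store roots to walk recursively.
        [string[]]$StorePath = @('Cert:\LocalMachine', 'Cert:\CurrentUser')
    )

    foreach ($root in $StorePath) {
        Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue |
            Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
            ForEach-Object {
                $cert = $_
                $rsa  = $null
                try {
                    # Returns $null for non-RSA keys, which the update does not affect.
                    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
                } catch {
                    Write-Warning "Could not read public key for $($cert.Thumbprint): $_"
                }

                if ($rsa -and $rsa.KeySize -lt $MinimumBits) {
                    [pscustomobject]@{
                        # PSParentPath looks like 'provider::LocalMachine\Root'.
                        Store      = ($cert.PSParentPath -split '::')[-1]
                        Subject    = $cert.Subject
                        Issuer     = $cert.Issuer
                        KeySize    = $rsa.KeySize
                        NotAfter   = $cert.NotAfter
                        Thumbprint = $cert.Thumbprint
                    }
                }
                if ($rsa) { $rsa.Dispose() }
            }
    }
}

# Report weakest keys first; an empty result means no RSA key under the minimum.
Get-WeakRsaCertificate | Sort-Object KeySize | Format-Table -AutoSize
```

Any certificate it reports, whether used for encrypted email, SSL/TLS, code signing or a private PKI, needs to be reissued with a longer key before the update is applied.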

References

(2010, September 15). Retrieved from http://www.microsoft.com: http://www.microsoft.com/technet/security/advisory/archive.mspx