Microsoft Environment Analysis Essay

Microsoft Environment Analysis

Writing Assignment

1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them. a. 2401593 CVE-2010-3213

b. 2264072 CVE-2010-1886*

c. 980088 CVE-2010-0255

d. 975497 CVE-2009-3103

e. 98343 CVE-2010-0817*

2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue? a. Only two from the five listed in question one are privileged elevation and identified by the asterisk alongside the CVE number. They are of importance but not considered a high priority issue as asked.

3. Identify and document at least three vulnerabilities and the solutions related to the client configurations. a. Advisory Number: 977981 a.i. Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights b. Advisory Number: 979352

b.i. Solution: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. c.

Advisory Number: 954157

c.i. Solution: The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the local system or from the intranet zone, and by preventing Internet Explorer and Windows Media Player from launching the codec at all, this update removes the most common remote attack vectors but still allows games or other applications that leverage the codec locally to continue to function.

Read also  Ip Addresses Classes and Special

Works Cited

Microsoft Security Advisory. (2009, December 8). Retrieved March 31, 2012, from Microsoft Security Adivosry 954157: web Microsoft Security Advisory. (2010, January 14). Retrieved March 31, 2012, from Microsoft Security Advisory 979352: web

More Essays

  • Developments in Hacking, Cybercrime, and Malware

    The number one web based attack of 2009 was Malicious PDF activity 49% of web based attacks–attempts to deliver malicious pdf content to victims through the web. The pdf attack is designed to exploit arbitrary vulnerabilities in applications that are able to process pdf's. A successful pdf attack could...

  • Internet Connections

    The security implications of sharing Internet connections between FTD employees and stuff must be strong in order to assure safety for both the clients and the employees. The main security issue such as data access must be implemented in such a way that the privilege given to the FTD employees which is...

  • Trademark Law and the Internet

    Introduction             The Internet and the World-Wide Web have been the greatest breakthroughs in telecommunication technology in the last century. The rate at which the web has grown is an indicator of its popularity and importance in the world of today. Brief history of the...

  • Overview of Information Systems

    Information Systems Types Description / Benefits Example of Each (Including Vendor Name / Vendor Website) How have you seen them used in your organization or an organization that you are familiar with? 1. Databases A database is a computer mechanism for storing and retrieving data. It gives one true...

  • Ethical Issues Created by Technology

    It is my belief that a crucial part of the ethics of business is computer ethics or information ethics. Most corporations today are teetering on whether computer improprieties are a violation of "professional ethic" rather than a legal ethics issue. The purpose of this paper will be to examine some of the...

  • Sad – Online Grading System

    Currently these are the problems that usually occurs in distributing the students' report cards. What is the extent of the problems faced by the student in terms of the following? a) Accessibility of the student's grades. b) Accuracy of the student's grades given by their teachers. c) Disputes or...

  • Internet Based Home Control System

    We viewed development as a process of change and a continuous learning.. Technological and institutional change or capabilities are at the heart of this process. Technology is much more than an ingredient in development strategies; it is a conditioning element of their viability. As technology rapidly...

  • The Internet in our Lives

    The Internet has always made our lives easier and faster since it was invented. While some people think that the Internet is harmful or dangerous invention especially for children and teenagers, other people debates that the Internet now is functional, because they use it in the most their needs. This essay...

  • Internet Security Enforced

    The advent of computers and their related technologies has greatly impacted on everyday personal, academic, and professional lives. The internet has become one of the leading sources of information as many people prefer to access and analyze the information they need from the World Wide Web. The internet...

  • Project Network Design

    The best network design to ensure the security of Corporation Techs internal access while retaining public Web site availability consists of several layers of defense in order to protect the corporation's data and provide accessibility to employees and the public. The private-public network edge is...

Read also  Young People and the Internet

Microsoft Environment Analysis Essay

1. The five vulnerabilities that exist for this LAN based workgroup are 2755801, 2501696, 2588513 2639658, 2659883. 2. Yes, the vulnerability that involves privilege elevation is 2639658 (Vulnerability in TrueType Font Parsing), but it is not a high priority. 3. 2719662

Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry. 2737111

Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange. 2755801

Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.

More Essays

  • Proxy Server

    Annotations: This research paper is an extract from an about 100 pages enfolding diploma thesis of Martin Eisermann, student at the Fachhochschule Rosenheim (University of Applied Sciences), Germany. It contains the results of performance tests, accomplished with MS Proxy Server 2.0, MS ISA Server and...

  • Strayer Networking

    1.What two access controls can be setup for a Windows Server 2003 folders and authentication? Authentication and Access control. 2.If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured? Folder...

  • Operating System Security Flaws

    As basic users, security is one feature that most of us overlook when it comes to operating systems until it is too late. In this paper we will discuss the security flaws within the Windows Operating system, and then discuss countermeasures to fix the system flaw. We will first look at some known flaws in...

  • Windows Server Backup

    There are several ways to work with and use backup data sets when working with DCs in Windows Server 2008 R2. Backups are performed with Windows Server Backup or through its corresponding Wbadmin.exe command-line tool. Both are Windows Server 2008 R2 features and must be added to the server to be made...

  • strategies Used by Microsoft

    Case Summary Microsoft is the world's largest supplier of computer software. It has dominant market share of PC operating systems with its Windows system. High barriers to entry prevent significant competition in the operating systems market. The primary barrier is that a large number of software programs...

  • Distribution Channels Pf Mircosoft

    Microsoft is the world's largest software company, who operates and distributes its products throughout the world (Company information). Microsoft's distribution largely depends on hardware manufactures to pre-install their software (Msdn). "Windows Division revenue growth is largely correlated to the...

  • Operating System and Microsoft Corporation

    Microsoft Corporation is an American multinational software corporation headquartered in Redmond, Washington that develops, manufactures, licenses, and supports a wide range of products and services related to computing. The company was founded by Bill Gates and Paul Allen on April 4, 1975. Microsoft is the...

  • Microsoft Office Sharepoint

    Microsoft office SharePoint server which is shortened as MOSS is an integrated Microsoft server that provides the following services; business intelligence share board, web content management, enterprise search, enterprise content services and shared business processes. Microsoft office SharePoint was...

  • Operating System

    As an American multinational corporation, Microsoft is regarded as the largest software maker measured by revenue in the software market. However, because Microsoft play an apparently dominate role in the market, more and more people argue that Microsoft have made damage on consumers' profit through some...

  • Case Study Economics – Microsoft and Monopoly

    Microsoft has monopoly in PC operating systems, Windows operating systems which are used' in more than 80% of Intel based PC's. This market has high technological barriers. Threat to Microsoft is not from new operating systems but from alternate products such as browsers, which are new softwares that can be...

Read also  The Internet in our Lives