The long list of Microsoft security patches has grown by three according to a CNET News.com story. Wednesday, Microsoft issued warnings for two "important" and one "critical" vulnerability found in its products.
The "critical" security hole involves a well-used technique called a buffer overrun and carries that label because it can be exploited without the user taking any action. From the article:
This flaw, located in the HTML converter in Microsoftis Windows operating system, could be used by hackers to spread the code either by sending an HTML e-mail or by creating a special Web page that triggers a download of the code.
The vulnerability exists in many recent versions of Windows, including Windows XP, Windows 2000, Windows 98, Windows 98 Second Edition, Windows Me, Windows NT 4.0 Server and Windows Server 2003. However, the flaw is only rated moderate for Windows Server 2003, because that software ships with a setting known as Enhanced Security Configuration designed to minimize the risk of unauthorized code being launched.
A remedy for this issue has already been posted on the Microsoft TechNet.
The other less serious security holes involve another buffer overrun problem in Windows NT, Windows 2000 Server and Windows XP, involving the SMB file sharing protocol and a flaw in the Windows 2000 Utility Manager that could let a user gain higher system privileges without permission.