Positive Technologies’s released another utility for IT and security specialists. The utility detects hosts vulnerable to attacks and network worms.
The latest security bulletins issued by Microsoft - MS08-065, MS08-067 and MS09-001 – eliminate critical vulnerabilities in Server and Message Queuing services. Server service vulnerabilities (MS08-067 and MS09-001) may allow attackers to compromise the target system or execute arbitrary code. MS08-067 vulnerability is now actively exploited by attackers using Conficker worm in different versions.
All vulnerabilities in Windows standard network services are of great danger for corporate networks and individual users and if security system does not have compliance and vulnerability management mechanisms then the vulnerabilities could cause severe incidents.
Positive Technologies experts design the utility to detect whether MS08-065, MS08-067 and MS09-001 updates are installed. The utility is based on penetration testing technologies of MaxPatrol security monitoring system. The utility works in PenTest mode that allows to detect hosts excluded from security updates management system without administration privileges. Only access to CIFS/SMB (445/tcp) and Message Queuing (2103/tcp) service ports is needed.
Considering that vulnerabilities are critical, the utility are useful for IT and security specialists to efficiently detect vulnerable systems and install updates.Detailed data and the utility is available here: http://www.ptsecurity.com/download/pt-check-09-001.zip