• United States

Latest Microsoft patch could be most critical

Feb 16, 20042 mins
Enterprise ApplicationsMicrosoftPatch Management Software

* Microsoft offers patch for critical buffer overflow vulnerability

Microsoft released its “first Tuesday” patch bundle last week, and one of the included patches could be the most critical in a long time. It affects every Windows operating system beginning with Windows NT 4 right up through Windows Server 2003. The patch is to correct a problem that would allow a malicious person to take over control of a computer remotely.

The nature of the problem is our old friend, the buffer overflow. In this instance, it’s a buffer in the “ASN.1” library. This library supports the international Abstract Syntax Notation standard, and is used by most applications running in a Windows environment as a way of interpreting binary data.

The ASN.1 information site ( but don’t worry, it’s in English) explains the standard as: “…a formal language for abstractly describing messages to be exchanged among an extensive range of applications involving the Internet, intelligent network, cellular phones, ground-to-air communications, e-commerce, secure electronic services, interactive television, intelligent transportation systems, VoIP and others. Due to its streamlined encoding rules, ASN.1 is also reliable and ideal for wireless broadband and other resource-constrained environments. Its extensibility facilitates communications between newer and older versions of applications. In a world of change, ASN.1 is core technology, constantly adapting to new technologies.”

That covers most of what you do on your computer, so you can understand the critical nature of the patch – just about everyone using a Windows-based computer is vulnerable. According to Microsoft’s security bulletin ( “An attacker who successfully exploited this buffer overflow vulnerability could execute code with system privileges on an affected system. The attacker could then take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.”

This is a particularly nasty security hole. You need to patch every computer on your network just as soon as possible.

It will be interesting to see if Bill Gates mentions this “little” problem when he addresses the RSA Security show ( next Tuesday morning. It is, after all, the world’s largest gathering of security professionals.