Content

MS Vulnerability MS04-031

Type
Vulnerability
SubType
Microsoft
Discovery Date
10/12/2004
Length
Minimum DAT
N/A ( )
Updated DAT
N/A ( )
Minimum Engine
5.1.00
Description Added
10/12/2004
Description Modified
10/12/2004 8:32 AM (PT)
Risk Assessment
Corporate User
N/A
Home User
N/A

Tab Navigation

Characteristics

The following Microsoft vulnerability was announced on October 12, 2004.

Microsoft Security Bulletin MS04-031
Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

For Microsoft's details of this vulnerability please see: http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx

Symptoms

N/A

Method of Infection

N/A

Removal

McAfee DAT Files
 The 4398 DAT files (Release Date: 10/13/2004) will contain new signatures to detect exploits using the exploit demo code as Exploit-NetDDE.demo.

McAfee Entercept
Entercept's buffer overflow protection protects against code execution that may result from exploitation of the buffer overflow/overrun vulnerabilities.

McAfee IntruShield
 A signature set will be released Oct 15th that will provide protection against this vulnerability.  McAfee Intrushield sensors deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks.

McAfee System Compliance Profiler
 System Compliance Profile users can detect the MS04-031 (Q841533) vulnerability by:

Downloading the file: SCP_MS04-031_(841533).txt

Copy the contents of the above file, and paste within your main ruleset group.

Variants

Variants

    N/A

All Information

Overview -

Characteristics

Characteristics -

The following Microsoft vulnerability was announced on October 12, 2004.

Microsoft Security Bulletin MS04-031
Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

For Microsoft's details of this vulnerability please see: http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx

Symptoms

Symptoms -

N/A

Method of Infection

Method of Infection -

N/A

Removal -

Removal -

McAfee DAT Files
 The 4398 DAT files (Release Date: 10/13/2004) will contain new signatures to detect exploits using the exploit demo code as Exploit-NetDDE.demo.

McAfee Entercept
Entercept's buffer overflow protection protects against code execution that may result from exploitation of the buffer overflow/overrun vulnerabilities.

McAfee IntruShield
 A signature set will be released Oct 15th that will provide protection against this vulnerability.  McAfee Intrushield sensors deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks.

McAfee System Compliance Profiler
 System Compliance Profile users can detect the MS04-031 (Q841533) vulnerability by:

Downloading the file: SCP_MS04-031_(841533).txt

Copy the contents of the above file, and paste within your main ruleset group.

Variants

Variants -

    N/A