Microsoft Environment Analysis
Boris D. Wester
ITT-Technical Institute
Author Note
1756 North Congress Ave. West Palm Beach, FL. 33409
Microsoft Environment Analysis
1).What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them. (2639658), (2755801), (2588513), (2854544), (2659883), (2846338), (2501696), (2847140),
2).Do any vulnerabilities involve privilege elevation? (2846338) involves privilege elevation
Is this considered a high-priority issue? Yes this is a high priority
3).Identify and document at least three vulnerabilities and the solutions related to the client configurations. (2719662)
Answer: Three vulnerabilities and Solutions related to client configurations.
Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling Windows Sidebar and Gadgets can help protect customers from potential attacks that leverage Gadgets to execute arbitrary code. Customers should consider the following ways that an attacker could leverage Gadgets to execute arbitrary code: Microsoft is aware that some legitimate Gadgets running in Windows Sidebar could contain vulnerabilities. An attacker who successfully exploited Gadget vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could create a malicious Gadget and then trick a user into installing the malicious Gadget. Once installed, the malicious Gadget could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. In addition, Gadgets can access your computer's files, show you objectionable content, or change their behavior at any time....