ASN_1.2_VULNERABILITY

This vulnerability is due to an unchecked buffer in the Microsoft ASN.1 library. An attacker or a specially-designed malware can cause this buffer to overflow and execute code with system privileges on affected systems. With the ability to execute code with system privileges, the attacker or the malware may install programs, view and modify data, and create new accounts with full privileges.

For more information about this vulnerability, refer to the Technical Details section. A detailed article is also available at Microsoft Security Bulletin MS04-007.

This buffer overflow vulnerability affects the following software:
Microsoft Windows NT Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft 2000 Windows Service Pack 4
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003, Microsoft Windows XP 64-Bit Edition Version 2003 Service Pack 1
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition

Solution:



Applying Patches

This malware exploits known vulnerabilities in the Microsoft ASN.1 library, which is a component found in certain installations of Windows NT, 2000, Server, and Server 2003. Download and install the fix patch supplied by Microsoft. Refrain from using this product until the appropriate patch has been installed. Trend Micro advises users to download critical patches upon release by vendors.

Note: Windows NT 4.0 does not install Microsoft ASN1.2 by default. Security updates for Windows NT 4.0 is only necessary if the affected file Msasn1.dll is present    
Overview