Free security vulnerability software for windows

Windows XP RDP Protocol Security Vulnerability Patch MS02-051 is a patch for removing two vulnerabilities not good for the implementation of the RDP protocol.

The first vulnerability involves the way in which session encryption is implemented in certain versions of RDP. All RDP implementations permit the data in an RDP session to be encrypted. However, in the versions of RDP that are included in Windows 2000 and Windows XP, the checksums for the plain-text session data are sent without themselves being encrypted. An attacker who can ""eavesdrop on"" and record an RDP session might be able to conduct a straightforward cryptanalytic attack against the checksums and recover the session traffic.

The second vulnerability involves the way in which the RDP implementation in Windows XP handles data packets that are malformed in a particular way. When RDP receives such data packets, the Remote Desktop service stops working. When this problem occurs, Windows stops working correctly also. An attacker does not have to be authenticated on an affected computer to deliver packets of this type to an affected computer.

Windows 2000 RDP Protocol Security Vulnerability Patch MS02-051 is a professional and smart patch which eliminates two vulnerabilities affecting the implementation of the RDP protocol.

The first vulnerability involves the way in which session encryption is implemented in certain versions of RDP. All RDP implementations permit the data in an RDP session to be encrypted. However, in the versions of RDP that are included in Windows 2000 and Windows XP, the checksums for the plain-text session data are sent without themselves being encrypted. An attacker who can ""eavesdrop on"" and record an RDP session might be able to conduct a straightforward cryptanalytic attack against the checksums and to recover the session traffic.

The second vulnerability involves the way in which the RDP implementation in Windows XP handles data packets that are malformed in a particular way. When RDP receives such data packets, the Remote Desktop service stops working. When this problem occurs, Windows stops working correctly also. An attacker does not have to be authenticated on an affected computer to deliver packets of this type to an affected computer.

Windows XP Unchecked Buffer Help Security Vulnerability Patch MS02-055 is a beneficial and easy-to-use application which provides much of its functionality. One of the functions that is exposed through the control contains an unchecked buffer. This buffer may be exploited by a Web page that is hosted on an attacker's site or that is sent to a user as an HTML message. An attacker who successfully exploits the vulnerability can run code in the security context of the user, and as a result, an attacker can gain the same privileges as the user on the computer.

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch MS02-055 has come as a useful program to deal with the unchecked buffer in HTML Help which can lead to Code Execution security vulnerability in Windows 2000. The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality.

One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it.

Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn't consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Windows NT 4.0 RPC Interface Buffer Overrun Security Vulnerability Patch 823980 is developed to be a perfect solution to resolve a critical security issue which could allow an attacker to remotely compromise a computer running Microsoft Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

Windows XP 64-bit RPC Interface Buffer Overrun Security Vulnerability Patch 823980 has come as a critical security issue that could allow an attacker to remotely compromise a computer running Microsoft Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.