InfoSec Handlers Diary Blog - SANS Internet Storm Center

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center

SANS Site Network
- Current Site
- SANS Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication

Published: 2010-03-10
Last Updated: 2010-03-11 22:38:01 UTC
by Rob VandenBrink (Version: 1)

2 comment(s)

Yesterday Microsoft re-released KB973811 ==> http://www.microsoft.com/technet/security/advisory/973811.mspx

This relates back to the original KB973917 ==> http://support.microsoft.com/kb/973917

and advisory MS09-071 ==> http://www.microsoft.com/technet/security/bulletin/ms09-071.mspx

This affects the Extended Protection for Authentication functions within XP, Vista and Server 2003 ==> http://support.microsoft.com/kb/968389

It didn't show up in yesterday's Patch Tuesday review because Microsoft is classifying it as a "non-security upgrade". This is confusing to me, because the update actually includes mitigation against a credential forwarding attack, which you might see on an unencrypted, unsigned connection (yes, there's still a lot of that going around ! )

This update affects XP, Vista and Server 2003. Windows 7 and Server 2008 R2 are not affected.

Thanks to our readers on letting us know about this one. I'm still puzzled as to why this wasn't on Microsoft's list of security updates ...

=============== Rob VandenBrink Metafore ===============

Keywords: microsoft update kb973811 Extended Protection for Authentication 2003 vista xp

2 comment(s)

Top of page

Diary Archives