Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Wed, Jun 2, 1999
STAT SPECIAL ANNOUNCED
  This issue of W2Knews™ contains:
----------------------------------------------------------------------
1) JUNE '3-FOR-2' STAT YEAR-END OFFER
----------------------------------------------------------------------

I just got some very good news. You'll always see that this happens
_just_ after I send out a newsletter, but this could not wait so here
is a quick NewsFlash.

You all know about STAT, this is a brand new super successful security
scanner that reports to you about what vulnerabilities exist in your 
NT LAN. The developer of STAT is Harris Corporation. Yes, the 3.5
billion Harris that does a lot of work for the US Government. STAT was
developed for Secure NT Government sites. See this URL for the ad:
http://www.sunbelt-software.com/camp99/STAT.jpg

Harris' financial year-end is June 30-th and just today I got a great
offer from them. Best of all, it also rewards everyone that already
bought STAT, as they are included in this offer :-)

Now is the time to get top management buy-in for a comprehensive 
security plan. Since Y2K spending is winding down, and e-commerce is
the future, it's time to batten down the hatches. Need ammo? See:
http://www.zdnet.com/pcweek/stories/news/0,4153,402630,00.html

STAT IS ONE OF THOSE FEW PRODUCTS YOU CANNOT AFFORD NOT TO HAVE

So, what is the deal? You buy 2 and get 3! That saves over $3,000.
Best of all is that current customers that have already bought 1
license, can buy one more and get 2. That's a no-brainer deal if
you look at large domains. Keeping Security IN, is a lot of work.
Very likely you cannot rely on just one person to keep your NT LAN
watertight. This is your chance to get your colleagues equipped
with their own copy, and make sure your NT domains are protected.

Call your Sunbelt Rep or Reseller right away. This offer ends June
30-th without fail. USA: 888 NT UTILS EU: +33-1-47.77.05.00 or
get your demo at: http://www.sunbelt-software.com/stat.htm

And to show you that STAT keeps their promises, a brand new update
has come out just a few days ago that includes support for SP5, and
again helps you battle a bunch of new holes in NT. Here are the
specifics. Current customers can get this at the STAT support site.

Like I have said before, STAT is not just a shrinkwrap piece of
software. This is a tool that comes with your own SWAT TEAM that
will hunt down and plug holes in NT. Here is proof of another bunch
of security risks that STAT will find for you and tell you how to
handle them. You cannot wait till you are attacked. 

STAT Version 2.0 Update 7 May 31, 1999. This update contains a 
roll-up of Updates U2_1_1 through U2_1_6 and the following 
additions/changes: 

490 Exchange Server LDAP Bind - There is a 
vulnerability in the LDAP Bind function for 
Microsoft Exchange 5.5. The Bind function in 
the Exchange Directory Service has an unchecked 
buffer. The vulnerability could allow denial 
of service attacks or allow arbitrary code to 
be run on the server.

492 Word Options Registry Unrestricted - The 
Microsoft Word "Options" registry contains a 
key that enables macro virus protection. Only 
Administrators and SYSTEM should have full 
access. Non-system users (e.g., Everyone) should 
be limited to read access to prevent altering the 
macro virus protection setting.

493 Excel Registry Unrestricted - The Microsoft 
Excel registry contains a key that enables macro 
virus protection. Only Administrators and SYSTEM 
should have full access. Non-system users 
(e.g., Everyone) should be limited to read access 
to prevent altering the macro virus protection 
setting.

494 PowerPoint Options Registry Unrestricted - The 
Microsoft Word "Options" registry contains a key that 
enables macro virus protection. Only Administrators 
and SYSTEM should have full access. Non-system users 
(e.g., Everyone) should be limited to read access to 
prevent altering the macro virus protection setting.

496 Font Drivers Registry - This registry needs to be 
protected from possible Trojan Horses.

497 FontCache Registry - This registry needs to be 
protected from possible Trojan Horses.

498 FontMapper Registry - This registry needs to be 
protected from possible Trojan Horses.

499 Fonts Registry - This registry needs to be 
protected from possible Trojan Horses.

500 FontSubstitutes Registry - This registry needs to 
be protected from possible Trojan Horses.

501 GRE_Initialize Registry - This registry needs to 
be protected from possible Trojan Horses.

502 Type 1 Installer Registry - This registry needs to 
be protected from possible Trojan Horses.

504 Dial-Up Networking Password - If you are using Dial-Up 
Networking (DUN), the password is cached and saved if the 
"Save Password" option is used. This option should be 
disabled for best security practices. Passwords should not 
be cached.

506 CrashOnAuditFail and Logon Enabled - A Windows NT 4.0 
computer may stop responding (hang) when CrashOnAuditFail 
and Logon and Logoff Auditing are enabled.

509 Windows Uninstall Registry Key Unrestricted - This 
registry key should not be accessible to users with write 
access. A hacker could potentially add a program that can 
be executed when a user attempts to uninstall or remove an 
application from the system. Restrict Everyone or other 
non-administrator entries to Read only. There is a potential 
of abuse of higher level of rights.

510 Windows RunOnce Registry Key Unrestricted - This registry 
key should not be accessible to users with write access. A 
hacker could potentially add a program that can be executed 
when a user logs in. Restrict Everyone or other 
non-administrator entries to Read only. There is a potential 
of abuse of higher level of rights.

512 IMG SRC Tag - The "IMG SRC" tag identifies and loads 
image sources. The tag can be used to point to files of any 
type, not just image tags. The document object models can be 
used to determine the size and information about files on the 
computer of a visiting user, if the file name is known. The 
IMG SRC tag should not be able to load local files.

513 Cross-Frame Variant - A particular malformed URL could be 
used to execute scripts in the security context of a 
different domain. This could allow a malicious web site 
operator to execute a script on a web site and gain 
privileges on visiting users' machines that are normally 
granted to their trusted sites.

514 Untrusted Scripted Paste on IE 5.0 - The untrusted 
scripted paste vulnerability could allow a malicious web site 
operator to create a particular type of web page control and 
paste into it the contents of a visiting user's clipboard.
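
One way to run the ACL check that items 509 and 510 describe, as an added PowerShell example that is not part of the newsletter or of STAT: it lists allow entries that grant write-capable rights on the RunOnce and Uninstall keys to anyone other than Administrators and SYSTEM. The key paths are the standard Windows locations and are an assumption, since the newsletter does not name them; `Get-WritableRegistryAce` is a hypothetical function name.

```powershell
# Added example (not STAT's own logic). Key paths are assumed: the newsletter
# names the checks but not the registry locations they inspect.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

# Principals that may hold write access, by well-known SID. Extend this list
# with any service SIDs your own baseline treats as trusted.
$trustedSids = @(
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-18'       # NT AUTHORITY\SYSTEM
)

# Rights that let a principal plant or alter a value or subkey, or loosen
# the ACL itself, plus the raw GENERIC_WRITE and GENERIC_ALL bits.
$writeMask = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'
$writeMask = $writeMask -bor 0x40000000 -bor 0x10000000

function Get-WritableRegistryAce {
    param([string[]]$Path)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) { continue }   # key absent: nothing to audit
        $acl = Get-Acl -LiteralPath $p
        # Explicit and inherited entries, with identities returned as SIDs
        $rules = $acl.GetAccessRules($true, $true,
            [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.RegistryRights -band $writeMask) -eq 0) { continue }
            # Resolve the SID to a name when possible; keep the SID otherwise
            $name = $ace.IdentityReference.Value
            try {
                $name = $ace.IdentityReference.Translate(
                    [System.Security.Principal.NTAccount]).Value
            } catch { }
            [pscustomobject]@{
                Key       = $p
                Identity  = $name
                Rights    = $ace.RegistryRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

Get-WritableRegistryAce -Path $keys | Format-Table -AutoSize
```

An empty result means only Administrators and SYSTEM can write to the audited keys; each row returned is an entry to reduce to Read.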

ONE SECURITY BREACH WILL COST MANY TIMES MORE THAN A STAT LICENSE.
STAT IS ONE OF THOSE FEW PRODUCTS YOU CANNOT AFFORD NOT TO HAVE.
THIS MONTH IS THE BEST TIME TO GET YOUR STAT LICENSES. ACT NOW.

Warm regards,

Stu Sjouwerman

(email me with feedback: [email protected])