====================== SPONSORED BY SYMANTEC ========================== Norton AntiVirus Enterprise Solution 4.0 provides fast, enterprise-wide virus protection. By combining award-winning Symantec products with centralized, scalable management from Intel® and expert technologies from IBM®, Norton AntiVirus Enterprise Solution delivers unmatched protection from virus threats. Easy-to-use and scalable centralized management allows IT managers to lock down policies from a single console to keep your Windows® systems up-to-date and properly configured. And its superior automation provides an intelligent solution that gives organizations proactive protection. Norton AntiVirus Enterprise Solution provides fast, reliable, and hands-free virus detection, analysis, and infection repair delivery. Click here to order your free evaluation kit! http://www.symantec.com/specprog/sym/3100.html ======================================================================= February 23, 2000 - Two new risks were reported today: Microsoft reported a problem with its Systems Management Server 2.0 that may allow an intruder to gain elevated privileges on the system or network. The company has issued patches that correct the matter. Georgi Guninski reported a problem with WordPad that may allow unwanted code to execute on the desktop. According to the report, an exploit could be launched using a Web page and Internet Explorer. Microsoft is aware of the problem, however no official response was known at the time of this writing. For complete details on these matters, as well as links to patches and other relevant information, please visit the pages listed below: * SMS May Allow Elevated Privileges http://www.ntsecurity.net/go/load.asp?iD=/security/sms3.htm * Wordpad May Execute Embedded Code http://www.ntsecurity.net/go/load.asp?iD=/security/wordpad2.htm Thanks for subscribing to Security UPDATE. Please tell your friends about this newsletter and alert list! Sincerely, The Security UPDATE Team security@ntsecurity.net ======================================================================= TO UNSUBSCRIBE from this alert list DO NOT REPLY, instead send e-mail to listserv@listserv.ntsecurity.net with the words "unsubscribe securityupdate" in the body of the message without the quotes. TO SUBSCRIBE to this alert list, send e-mail to the same address listed above with the words "subscribe securityupdate anonymous" in the body of the message without the quotes. ======================================================================= Security UPDATE is powered by LISTSERV(R) software http://www.lsoft.com/LISTSERV-powered.html ======================================================================= Copyright (c) 2000 Duke Communications Intl. Inc. - ALL RIGHTS RESERVED Forwarding this email is permitted, as long as the entire message body, the mail header, and this notice are included.