From: Tim Philp <bplib@wat.hookup.net>
To: List <cypherpunks@toad.com>
Message Hash: 7a4248d7473f798cdcedbd258a6bea24c940d9f236a43b488879b273801780d8
Message ID: <Pine.OSF.3.91.951021053719.24988A-100000@nic.wat.hookup.net>
Reply To: N/A
UTC Datetime: 1995-10-21 10:21:36 UTC
Raw Date: Sat, 21 Oct 95 03:21:36 PDT
From: Tim Philp <bplib@wat.hookup.net>
Date: Sat, 21 Oct 95 03:21:36 PDT
To: List <cypherpunks@toad.com>
Subject: WinNews Special Issue (fwd)
Message-ID: <Pine.OSF.3.91.951021053719.24988A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain
I am on a Microsoft mailing list that is for developers of Win95 stuff.
Today I found this in my mailbox. This file details a security bug in
Win95 that I thought might be interesting to the group.
Regards,
Tim Philp
Brantford, Ontario,
Canada
===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================
---------- Forwarded message ----------
Date: Fri, 20 Oct 1995 17:15:33 -0700
From: WinNews@Microsoft.com
To: WinNews@microsoft.nwnet.com
Subject: WinNews Special Issue
Microsoft(R) WinNews Electronic Newsletter
Special Issue, October 20, 1995
***********************************************************
Here is some important information on Windows 95 that
may affect some of you. Please make certain to read it.
UPDATED DRIVERS FOR WINDOWS 95 FILE AND PRINTER SHARING
SECURITY ISSUE - October 20, 1995
Microsoft wants its customers to know that it has
discovered and fixed a potential security problem with file
and printer sharing in Windows 95. Only customers who have
enabled file and printer sharing - a non-default option -
may have been at risk, and, to the best of our knowledge,
no users have been harmed. Nevertheless, Microsoft
regards this potential problem with the greatest
seriousness and, we have worked hard over the past week to
resolve it. Microsoft recommends customers using File and
Printer Sharing upgrade to the newer drivers.
How do I know if I am affected?
Only customers that use the File and Printer Sharing option
to share their files with other users on a network are
affected. This option is not enabled by default so unless
you have manually enabled it, you are not affected by this
issue. To determine if File and Printer Sharing is
enabled, choose the Networks Option in the Control Panel.
If file and printer sharing is enabled, you will see
either "File and Printer Sharing for Microsoft Networks"
or "File and Printer Sharing for NetWare Networks" in the
list of installed network components.
What are the issues?
File and Printer Sharing for NetWare Networks
Microsoft was recently made aware of an issue with File
and Printer sharing for NetWare Networks which may affect
data security for corporate users.
Only users whose environments meet both of the following
conditions may be affected:
1. They configure their machine to share files and
printers with other users on the network using File
and Printer Sharing for NetWare networks (This
option is not turned on by default)
2. They enable remote administration or install
Microsoft Remote Registry Services (These options
are not turned on by default)
If your configuration matches that listed above, it is
possible for another user on the network to gain read-only
access to your machine after the administrator has logged
off the machine and until you restart your computer. To
correct this problem, Microsoft has issued an updated
driver for File and Printer Sharing for NetWare Networks.
The updated driver ensures that only valid administrators
have access to the computer's drive.
File and Printer Sharing for Microsoft Networks (not MSN:
The Microsoft Network online service)
Microsoft is also issuing an update for a known problem
with File and Printer Sharing for Microsoft Networks and a
certain UNIX shareware network client (Samba's SMBCLIENT).
The update corrects a problem with share-level security
documented in the Microsoft Knowledge Base on October 9th.
The update also includes a correction for a similar problem
with user-level security that Microsoft recently discovered
as part of its internal testing of the new driver.
Customers whose environments meet all of the conditions
below, may have their data susceptible to network or
Internet hackers:
1. They configure their machine to share files and
printers with other users on the network using File
and Printer Sharing for Microsoft Networks (This
option is not turned on by default)
2. They share a LAN, Internet, or Dial-Up connection
with a UNIX-based computer running Samba's
SMBCLIENT software
3. The network administrator does not disable peer
services using System Policies
The Samba SMB client allows its users to send illegal
networking commands over the network. The Samba client is
the only known SMB client at this time that does not filter
out such illegal commands. SMBCLIENT users do not
automatically have access to the Windows 95 drive, and
must know the exact steps to send these illegal commands.
The updated driver prevents these illegal commands from
being executed, preventing SMBCLIENT users from accessing
the drive on which sharing is enabled. With the updated
driver, the SMBCLIENT user will only have access to those
shared folders that the Windows 95 user has designated.
How do I get the Updated Drivers?
(Please note that this only affects English language
versions of Windows 95.)
Both drivers are available for immediate download from the
Internet (http://www.microsoft.com/windows), The Microsoft
Network online service, and is being made available to
other online services including CompuServe, America Online,
and Prodigy. The updated drivers will also be mailed to
any user free of charge if they call Microsoft's FastTips
line, 800-936-4200, beginning Monday, October 23rd.
Microsoft is committed to providing safe connectivity
solutions for customers. Microsoft takes this
responsibility seriously and has worked, and will continue
to work, with great speed to provide solutions for
customer issues.
Return to October 1995
Return to “Tim Philp <bplib@wat.hookup.net>”