From: crawdad@fnal.gov Subject: Windows critical vulnerabilities: HP Web JetAdmin and WordPerfect Converter Date: September 21, 2004 16:09:39 CDT To: cppm_reg_sysadmins@fnal.gov, pc-manager@fnal.gov Cc: winpol@fnal.gov, computer-security@fnal.gov MS04-027, http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx http://www.ciac.org/ciac/bulletins/o-214.shtml HP Advisory: HPSBPI01078 http://www.ciac.org/ciac/bulletins/o-218.shtml The WordPerfect Converter will generally be invoked if you open a WordPerfect file while you have Word installed, but not WordPerfect. If you are sent a specially-constructed WordPerfect file in such a situation, an attacker can take control of your computer. Various versions of Office and MS Works are affected. Patches are available. A number of systems at Fermilab have HP Web JetAdmin installed, although it's quite difficult to pick them out by a scan because this service generally listens on port 8000, which is sometimes used by other software as well. Version 7.5 is affected and the solution is to update to version 7.6. Please attend to the above issues on systems under your responsibility before the end of September.