MS Patch Tuesday: Critical Windows, Office flaws fixed
Microsoft’s scheduled batch of patches for November crossed the wires today with fixes for at least four documented vulnerabilities affecting millions of Windows and Office users.
As previously reported, the company released two security bulletins — one rated critical, one rated important — with fixes for flaws that could lead to remote code execution attacks. The updates apply to users running all supported versions of Windows (including Vista and Windows Server 2008) and most versions of Microsoft Office.
The critical MS08-069 bulletin should be treated with the utmost priority because of the risk of remote code execution attacks if a Windows user is simply tricked into browsing to a rigged Web page with Internet Explorer.
Details from the bulletin:
- CVE-2007-0099: A remote code execution vulnerability exists in the way that Microsoft XML Core Services parses XML content. The vulnerability could allow remote code execution if a user browses a Web site that contains specially crafted content or opens specially crafted HTML e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- CVE-2008-4029: An information disclosure vulnerability exists in the way that Microsoft XML Core Services handles error checks for external document type definitions (DTDs). The vulnerability could allow information disclosure if a user browses a Web site that contains specially crafted content or opens specially crafted HTML e-mail. An attacker who successfully exploited this vulnerability could read data from a Web page in another domain in Internet Explorer. In all cases, however, an attacker would have no way to force users to visit these Web sites.
- CVE-2008-4033: An information disclosure vulnerability exists in the way that Microsoft XML Core Services handles transfer-encoding headers. The vulnerability could allow information disclosure if a user browses a Web site that contains specially crafted content or opens specially crafted HTML e-mail. An attacker who successfully exploited this vulnerability could read data from a Web page in another domain in Internet Explorer.
The second update — MS08-068 — provides cover for a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol. Exploit code for this flaw is currently available on the Internet.
- CVE-2008-4037: A remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker’s SMB server. This vulnerability allows an attacker to replay the user’s credentials back to them and execute code in the context of the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Post a Comment