Posts Tagged ‘Microsoft Security Bulletin’

Windows Security Bulletins and Security News

Lots and lots of computer security related news recently, the IE and Firefox brouhaha concerning a high security risk with how IE handles a “firefoxurl://” URI (uniform resource identifier), Haute Secure blocks malware, Microsoft security bulletins and Facebook pimping da crudware baby.

Firefox and IE together brew up security trouble News.com article about the Firefox and IE combo flaw that could allow someone to compromise their machine remotely.

Site Advisor 2.0: Haute Secure Launches To Detect and Block Malware Little review of Haute Secure from Michael Arrington, he says, “Haute Secure launched moments ago: it?s a new browser plug-in that the company says will detect and block malware before it has a chance to infect your computer. The timing couldn?t be better as news spreads of more Windows-based vulnerabilities.”

Haute Secure They block bad sites and then let you decide if you want to allow it or not. Sounds like the UAC feature of Windows Vista, but I haven’t tried it yet myself.

Microsoft Security Bulletin MS07-036 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542) This critical security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities as well as other security issues identified. These vulnerabilities could allow remote code execution on your computer if a user opens a specially created Excel file. Users whose accounts are not configured to run as Administrator will be less impacted than those who do. This is a critical security update for supported editions of Microsoft Office 2000. For supported editions of Microsoft Office XP, Microsoft Office 2003, 2007 Microsoft Office System, this update is rated important. This update is also rated important for the Excel Viewer 2003, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.

Microsoft Security Bulletin MS07-039 – Critical Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122) This critical security patch resolves a vulnerability in Active Directory on Windows 2000 Server and Windows Server 2003 that could allow remote code execution or a denial of service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition, and remote code execution could be possible. On Windows Server 2003 an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Facebook found pimping crudware Facebook has become the latest website to be found pushing services that deliver highly deceptive security warnings designed to trick users into buying software. Purveyors of this scam are making use of Facebook Flyers, small ads that get posted on Facebook pages associated with a specific region. At 5,000 impressions for just $10, it’s a bargain.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - July 11, 2007 at 3:04 am

Categories: Firefox, IE7, Security   Tags: , , , , , , , , ,

Security Update for the Windows Meta File Vulnerability Available

Apparently, or accidentally as zdnet reported, Microsoft has released a patch to fix the WMF vulnerability in Windows, here is the bulletin Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919). The date on this page is from yesterday, so, even if it got released by accident, it looks like they were going to release it early anyway.

This vulnerability is currently being exploited and was previously discussed by Microsoft in Microsoft Security Advisory 912840.

If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

We recommend that customers apply the update immediately.

We do too. Good move releasing this earlier than you first stated Microsoft, but still probably too late for some users.

From the Common Vulnerabilities and Exposures website, “The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.”

Note: This release says it is not critical for windows 98 or Windows ME users, noting that although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, the vulnerability is not critical because an exploitable attack vector has not been identified that would yield a Critical severity rating for these versions. They will be releasing a patch for these operating systems later.

On the News.com website, they quoted Microsoft saying;

The software maker said Thursday it will deliver two updates on Tuesday, Jan. 10, as part of its scheduled monthly bulletin of security patches.

In response to customer pressure, the software maker on Thursday delivered a fix for a Windows flaw that lies in the way Windows renders Windows Meta File images. The flaw that has become a conduit for several attacks.

Next week, Microsoft plans to provide two additional security updates: one for Windows, and one for Microsoft Office and e-mail server software Exchange, the company said in a notice on its Web site.

Both updates will fix at least one flaw that the software maker deems critical, according to the notice. Microsoft rates as critical any security threat that could allow a malicious Internet worm to spread without any action required on the part of the user.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - January 6, 2006 at 12:00 pm

Categories: Microsoft News, Tech News, Windows XP   Tags: , ,