Wednesday, January 12, 2011

Microsoft releases three critical bulletins but ignores Word flaws

For the first Patch Tuesday of 2007, Microsoft released four security bulletins, three of which it's rated critical. (The remaining update addresses an important threat.) But critical doesn't necessarily mean critical this month—in fact, Redmond left its most critical threats unpatched for the second month in a row.
Details

Microsoft began the year's patching cycle with a rather inauspicious start when it announced that it would issue only half of the security bulletins originally planned. However, some of the bulletins cover a number of vulnerabilities.

While the number of threats certainly looks bad on the surface, it turns out that only a few threats addressed in this month's updates are actually critical—and only for a few platforms. Here's a closer look at each update, in order of risk.
MS07-004

Microsoft Security Bulletin MS07-004, "Vulnerability in Vector Markup Language Could Allow Remote Code Execution," addresses the VML Buffer Overrun Vulnerability (CVE-2007-0024). I consider this the most significant update because attackers are already exploiting the vulnerability.




This is a critical threat for Windows 2000 Service Pack 4, all versions of Windows XP, and Windows Server 2003; it is a moderate threat for Windows Server 2003 SP1. This update doesn't affect Windows Vista.

This bulletin replaces Microsoft Security Bulletin MS06-055 for all affected platforms. Microsoft has already updated MS07-004 to version 1.1 to reflect a change in the restart requirement.
MS07-002

Microsoft Security Bulletin MS07-002, "Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution," addresses five separate vulnerabilities:

* Excel Malformed IMDATA Record Vulnerability (CVE-2007-0027)
* Excel Malformed Record Vulnerability (CVE-2007-0028)
* Excel Malformed String Vulnerability (CVE-2007-0029)
* Excel Malformed Column Record Vulnerability (CVE-2007-0030)
* Excel Malformed Palette Record Vulnerability (CVE-2007-0031)

With the exception of Excel 2007 and Microsoft Works Suite 2006, this update affects all other currently supported versions of Excel, including Excel 2000, Excel 2002, Excel 2003, and Excel Viewer 2003. This is a critical threat for Excel 2000; it is an important threat for all other affected versions.

These are newly discovered vulnerabilities, and there had been no reports of active exploits at the time of publication. You can check the security bulletin for an extensive list of mitigating factors and suggested workarounds, but they boil down to the commonsense best practice of being careful when opening Excel files.
MS07-003

Microsoft Security Bulletin MS07-003, "Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution," addresses three separate vulnerabilities:

* Microsoft Outlook VEVENT Vulnerability (CVE-2007-0033)
* Microsoft Outlook Denial of Service Vulnerability (CVE-2006-1305)
* Microsoft Outlook Advanced Find Vulnerability (CVE-2007-0034)

With the exception of Outlook 2007, this update affects all currently supported versions of Outlook, including Outlook 2000, Outlook 2002, and Outlook 2003. The Advanced Find Vulnerability is a critical threat for Outlook 2000 and an important threat for other affected versions, as is the VEVENT Vulnerability. The Denial of Service Vulnerability is a moderate threat for all affected platforms.

This bulletin replaces Microsoft Security Bulletin MS06-003 for Outlook 2003 only. See the security bulletin for mitigating factors and workarounds.

While the Denial of Service Vulnerability was a publicly known threat, there had been no reports of active exploits at the time of publication. The other two threats are newly discovered vulnerabilities, and there had been no reports of active exploits at the time of publication.
MS07-001

Microsoft Security Bulletin MS07-001, "Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution," addresses the Office 2003 Brazilian Portuguese Grammar Checker Vulnerability (CVE-2006-5574). This is a publicly disclosed threat, but there had been no reports of active exploits at the time of publication. However, Microsoft has reported seeing proof-of-concept code.

This update only affects the Brazilian Portuguese version of Office 2003 SP2, Office Multilingual User Interface 2003 SP2, Project Multilingual User Interface 2003 SP2, Visio Multilingual User Interface 2003 SP2, and Office Proofing Tools 2003 SP2. It is an important threat for all affected platforms.
UNIX

A new Mac OS X integer overflow vulnerability in UFS ffs_mountfs() has surfaced. It can allow an attacker to run arbitrary code on version 10.4.8 and possibly other versions of the Mac OS X operating system.

In other news, Secunia reports that SuSE has updated multiple versions to fix a string vulnerability in w3m 0.5.1 (CVE-2006-6772).
Final word

You'll notice that I've added a new UNIX category to the article, a feature requested by several readers. Let me know if you find it useful.

Keep in mind that it's difficult to cover UNIX platforms because there are so many versions and vendors. However, many of the threats extend across a number of platforms, so I'll do my best to provide updates for the most popular platforms or the most dangerous threats.
