| Microsoft Christmas Presents to Sys Admins |
 |
 |
 |
| Written by Editor |
| Tuesday, 11 December 2007 22:32 |
|
Well it is that time of the month again, the goose is getting fat and Microsoft have released this months slew of patches. This month we have three critical patches and four important rated patches. The first of our critical patches for the day is MS07-064, it covers two vulnerabilities that affect DirectX, these vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If exploited the vulnerability could allow the attacker to execute code within the context of the currently logged in user. This vulnerability affects all versions of Direct from version 7.0 through to 10.0 on all Windows platforms, including the über secure Windows Vista.Next of the critical patches is MS07-068, this patch resolves a vulnerability in the Windows Media Format file handling that could allow an attacker to execute arbitrary code within the context of the current user. This vulnerability affects Windows Media Runtime 7.1, 9.x and 11.x across all Windows platforms, including 64-bit versions and Windows Vista. The final critical patch is MS07-069, this patch resolves four vulnerabilities within Internet Explorer. This patch addresses the following issues within Internet Explorer: This cumulative update for Internet Explorer addresses these vulnerabilities affecting Internet Explorer 5.01, 6, 6 Service Pack 1, and 7 to varying degrees. The patch updates Internet Explorer on up-to-date Windows 2000, Windows XP x86/x64, Windows 2003 Server x86/x64/Itanium, and Windows Vista x86/x64. Just as small note it seems although Microsoft are quoting those CVE numbers they are not yet visible on the CVE site. Microsoft also released four other patches that are rated Important, these include MS07-063 a SMBv2 remote code-execution vulnerability, a vulnerability that affects Windows Vista only. This flaw could allow an attacker to modify an SMBv2 packet and then recompute the signature correctly. This issue may allow the attacker to execute arbitrary code in the context of the currently logged in user. Then we have MS07-065, this is a buffer overflow vulnerability within the Microsoft Message Queuing Service (MSMQ). The vulnerability can be exploited remotely for Microsoft Windows 2000 or locally on Windows XP to gain LOCAL SYSTEM privileges. It does require valid login credentials in order to exploit on Windows XP and normally is not running on default installs of vulnerable platforms, the service must be enabled by administrators. MS07-066 is Microsoft Windows Vista Advanced Local Procedure Call local privilege-escalation vulnerability. The vulnerability occurs because Windows Advanced Local Procedure Call (ALPC) fails to sufficiently validate legacy reply-path conditions. An attacker must have local interactive access to exploit the issue, it cannot be exploited remotely. However, upon successful exploitation the attacker can gain full control of the vulnerable system. The final important rated vulnerability is MS07-067, addresses the previously reported vulnerability within the Microvision Driver that can be used for local privilege escalation. As usual when we get presents from Microsoft, it is advised that you get all your Windows machines updated as soon as possible. Mainly as within the next few days the first wave of active exploitation attempts will be coming out of the wood work. Add this page to your favorite Social Bookmarking websites          |
| Last Updated ( Tuesday, 11 December 2007 22:40 ) |
