Thread: Critical Vulnerabilities in Microsoft Windows

  1. #1
    Macht Nicht Aus moxnix
    Join Date
    May 2002
    Huson Mt.

    Critical Vulnerabilities in Microsoft Windows

    These vulnerabilities have already been discussed in various threads on 'AO' so none of this is probably new information.

    US-CERT Technical Cyber Security Alert TA04-212A, which I just received this morning, has a good breakdown of them though. (Note: if anyone wants to see the entire article, PM me and I will copy and paste it to you.)

    Systems affected gives a list that includes virtually everything MS has with the exception of SP2 RC2. And it is probably at risk also in some ways.
    Please note that these vulnerabilities may affect any software that uses the Microsoft Windows operating system to render HTML or graphics.
    I. Description

    Microsoft Security Bulletin MS04-025 describes three vulnerabilities
    in Internet Explorer; more detailed information is available in the
    individual vulnerability notes. Note that in addition to Internet
    Explorer, any applications that use the Internet Explorer HTML
    rendering engine to interpret HTML documents may present additional
    attack vectors for these vulnerabilities.

    VU#266926 - Microsoft Internet Explorer contains an integer overflow
    in the processing of bitmap files

    An integer overflow vulnerability has been discovered in the way that
    Internet Explorer processes bitmap image files. This vulnerability
    could allow a remote attacker to execute arbitrary code on a
    vulnerable system by introducing a specially crafted bitmap file.
    (Other resources: CAN-2004-0566)

    VU#685364 - Microsoft Internet Explorer contains a double-free
    vulnerability in the processing of GIF files

    A double-free vulnerability has been discovered in the way that
    Internet Explorer processes GIF image files. When processing GIF image
    files, the routine responsible for freeing memory may attempt to free
    the same memory reference more than once. Deallocating the already
    freed memory can lead to memory corruption, which could cause a
    denial-of-service condition or potentially be leveraged by an attacker
    to execute arbitrary code.
    (Other resources: CAN-2003-1048)

    VU#713878 - Microsoft Internet Explorer does not properly validate
    source of redirected frame Microsoft Internet Explorer does not
    properly display URLs

    As previously discussed in TA-163A, Microsoft Internet Explorer does
    not adequately validate the security context of a frame that has been
    redirected by a web server. An attacker could exploit this
    vulnerability to evaluate script in different security domains. By
    causing script to be evaluated in the Local Machine Zone, the attacker
    could execute arbitrary code with the privileges of the user running
    Internet Explorer. For a detailed technical analysis of this
    vulnerability, please see VU#713878.
    (Other resources: CAN-2004-0549)
    This means that an attack could come from any html content that is viewed on or from the web.
    Remote attackers exploiting the vulnerabilities described above may
    execute arbitrary code with the privileges of the user running the
    software components being attacked (e.g., Internet Explorer).
    Attackers can exploit these vulnerabilities by convincing a victim
    user to visit a malicious website, view a malformed image, or read an
    HTML-rendered email message. No user intervention is required beyond
    viewing an attacker-supplied HTML document or image. For further
    details, please see the individual vulnerability notes.
    The solution to this problem, of course, is being current on all patches. But you might have missed one.
    Apply the appropriate patch as specified by Microsoft Security
    Bulletin MS04-025. Please note that this bulletin provides a
    cumulative update that replaces all previously released updates for
    Internet Explorer, including those provided in MS04-004. However,
    users who have applied hotfixes released after MS04-004 will need to
    install MS04-025. Please see the FAQ section of Microsoft's advisory
    for more details.
    IE is not alone in being affected by these either. Any browser that uses Windows' method of handling HTML (rendering) could be affected by these.
    "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
    Author Unknown
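
Added example, not part of the post above, the US-CERT alert, or Internet Explorer's code: the alert gives no detail on VU#266926, so this only illustrates the general bug class it names, an image buffer size computed from file-supplied header fields wrapping in 32-bit arithmetic, next to a checked computation a decoder can use instead. `MAX_DIM`, the function names and the sample header are assumptions of the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define MAX_DIM 16384u  /* constructed policy limit for this example */

/* Little-endian field readers/writers for the header bytes. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Build a constructed 40-byte BITMAPINFOHEADER (sample input, not a real file). */
void make_header(uint8_t hdr[40], int32_t w, int32_t h, uint16_t bpp) {
    memset(hdr, 0, 40);
    wr32(hdr, 40); wr32(hdr + 4, (uint32_t)w); wr32(hdr + 8, (uint32_t)h);
    hdr[12] = 1; hdr[14] = (uint8_t)bpp; hdr[15] = (uint8_t)(bpp >> 8);
}

/* Unchecked pattern: 32-bit arithmetic wraps silently on large dimensions. */
uint32_t naive_pixel_bytes32(uint32_t w, uint32_t h, uint16_t bpp) {
    return w * h * (bpp / 8u);
}

/* Overflow-aware multiply: returns 0 instead of wrapping. */
static int mul_ok(size_t a, size_t b, size_t *out) {
    if (a != 0 && b > SIZE_MAX / a) return 0;
    *out = a * b;
    return 1;
}

/* Validate the header and compute the pixel buffer size; -1 means reject. */
int bmp_pixel_bytes(const uint8_t *hdr, size_t len, size_t *size) {
    if (len < 40 || rd32(hdr) != 40) return -1;
    int32_t w = (int32_t)rd32(hdr + 4);
    int32_t h = (int32_t)rd32(hdr + 8);          /* negative means top-down */
    unsigned bpp = hdr[14] | ((unsigned)hdr[15] << 8);
    if (w <= 0 || h == 0 || h == INT32_MIN) return -1;
    uint32_t uh = (uint32_t)(h < 0 ? -h : h);
    if ((uint32_t)w > MAX_DIM || uh > MAX_DIM) return -1;
    if (bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32) return -1;
    size_t bits, stride;
    if (!mul_ok((size_t)w, bpp, &bits) || bits > SIZE_MAX - 31) return -1;
    stride = ((bits + 31) / 32) * 4;             /* rows padded to 4 bytes */
    return mul_ok(stride, uh, size) ? 0 : -1;
}
```

A decoder that allocates from the wrapped value and then copies rows using the real dimensions writes past the allocation; rejecting the header before any allocation removes that mismatch.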

  2. #2
    Senior Member
    Join Date
    Dec 2003
    Pacific Northwest

    Hey thks for the thread. I am pretty bad about keeping IE patched since I seldom use it at home. But I do use a few that share IE stuff.

    So off to the patch palace I go. Take care

    Connection refused, try again later.
