Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/9/2008
04:09 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Microsoft Patch Day Brings Eight Security Bulletins

The bulletins address 28 vulnerabilities in Windows Search, Internet Explorer, Microsoft Office, and other Microsoft software.

Microsoft on Tuesday released eight security bulletins and one security advisory as part of its regularly scheduled patch day.

Six of the bulletins are rated "critical" and two are rated "important."

The advisory was issued to alert users that Microsoft is investigating reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2.

Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 aren't affected by the advisory. The bulletins address 28 vulnerabilities in the following software: the Windows graphics device interface, Windows Search, Internet Explorer, Visual Basic 6.0 Runtime Extended Files, Word, Excel, SharePoint Server, and Windows Media Components.

Eric Schultze, CTO of Shavlik Technologies, observed in an e-mailed statement that the first five bulletins -- MS08-070 to MS08-74 -- represent client-side vulnerabilities. These could be exploited by an attacker if the user visited a malicious Web site or opened a malicious file.

MS08-075 addresses two privately reported vulnerabilities in Windows Search that could allow remote execution of malicious code if the user opens a maliciously crafted saved search file in Windows Explorer or if a the user clicks on a maliciously crafted URL.

Schultze said that MS08-075 is a variant of an attack patched in July. He said he considers it low-risk because few people save and execute a search file.

MS08-076 addresses two privately reported vulnerabilities in Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The more serious of the two could allow remote code execution, but Microsoft rates this bulletin as only important because the severity of the attack is mitigated if the user doesn't have administrative rights.

If exploited, this vulnerability could be used to transmit the user's logon credentials to the attacker after the user clicked on a malicious Window Media URL.

According to Schultze, the exploit would be similar to that used to take advantage of the MS08-068 vulnerability, which was patched in November.

"Microsoft says that Windows Media Player doesn't play by the same rules as the operating system, and that's why this issue wasn't fixed in the November patch release," he said. "This issue could become very serious if attackers figure out how to create the evil URLs."

Tyler Reguly, a security research engineer with nCircle, sees MS08-077 as the most significant bulletin and believes it should be elevated from "important" to "critical." The SharePoint vulnerability, he said in an e-mailed statement, "allows an unauthenticated attacker to access administrative controls. While the successful attacker would technically elevate privilege (anonymous to administrator), this vulnerability allows access controls to be bypassed altogether. For most people, privilege escalation means elevating regular user access to administrator, which may cause administrators to patch this issue with less urgency."

Dee Liebenstein, senior director of product management for Lumension, said that all of these patches should be taken seriously. "Most of these are ranked 'highly exploitable,'" she said, referring to the exploitability index that Microsoft introduced several months ago.

She advises IT managers to install the Windows and Internet Explorer patches as soon as possible, despite the system and server restart that will be required.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4396
PUBLISHED: 2020-08-04
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...
CVE-2020-4410
PUBLISHED: 2020-08-04
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539.
CVE-2020-4459
PUBLISHED: 2020-08-04
IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 181395.
CVE-2020-4525
PUBLISHED: 2020-08-04
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...
CVE-2020-4542
PUBLISHED: 2020-08-04
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 1...