=== SECURITY ALERT =============================================
9 Microsoft Security Bulletins for August 2007
by Orin Thomas, orin@windowsitpro.com
Microsoft released nine security updates for August, rating six of them
as critical. Here's a brief description of each update; for more
information, go to
http://list.windowsitpro.com/t?ctl=623EB:4160B336D0B60CB11FB06D9EE5268CA4

MS07-042: Vulnerability in Microsoft XML Core Services Could Allow
Remote Code Execution
The attack vector for this exploit is a specially crafted Web page
viewed in Internet Explorer (IE). The exploit targets Microsoft XML
Core Services and, if unpatched, could allow the execution of malicious
code.
Applies to: All versions of Windows
Recommendation: Although Microsoft rates this update as critical, the
vulnerability has not been publicly disclosed. You should promptly
perform testing and deployment of this update.

MS07-043: Vulnerability in OLE Automation Could Allow Remote Code
Execution
The attack vector for this exploit is a specially crafted Web page
viewed in Internet Explorer (IE). The exploit targets OLE
functionality. If unpatched, the exploit could be leveraged to allow
the execution of malicious code.
Applies to: All versions of Windows except Vista, Office 2004 for Mac,
Microsoft Visual Basic 6.0 SP6
Recommendation: Although Microsoft rates this update as critical, the
vulnerability has not been publicly disclosed. You should promptly
perform testing and deployment of this update.

MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code
Execution
The attack vector for this exploit is a specially crafted Excel
document. If unpatched, the exploit could be leveraged to allow the
execution of malicious code.
Applies to: Office 2000, Office XP, Office 2003, and Office 2004 for
Mac
Recommendation: Although Microsoft rates this update as critical, the
vulnerability has not been publicly disclosed. You should promptly
perform testing and deployment of this update.

MS07-045: Cumulative Security Update for Internet Explorer
This update addresses three privately reported vulnerabilities. The
vectors for these exploits are all specially crafted Web pages.
Applies to: All versions of Internet Explorer (IE)
Recommendation: The rating of this update is dependent on the host
platform. For Windows 2000 and Windows XP, the update is rated
critical; for Windows Vista, the update is rated important. Deploy this
update to older versions of Windows prior to deploying it to Vista
clients.

MS07-046: Vulnerability in GDI Could Allow Remote Code Execution
The attack vector for this exploit is a specially crafted image. On an
unpatched target system, the image could allow remote code execution.
Applies to: Windows 2000, Windows XP, and Windows Server 2003 (SP2
unaffected)
Recommendation: Although Microsoft rates this update as critical, the
vulnerability has not been publicly disclosed. You should promptly
perform testing and deployment of this update.

MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code
Execution
The attack vector for this exploit is a specially crafted media file.
This vulnerability could allow remote code execution.
Applies to: Windows Media Player on all versions of Windows
Recommendation: Microsoft rates this bulletin as important, and the
vulnerability has not been publicly disclosed. You should test and
deploy this patch as part of your normal patch management cycle.

MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code
Execution
The vector for this attack is the Feed Headlines Gadget and can be
exploited if a user subscribes to a malicious RSS feed. This exploit
could allow the attacker to run remote code with the privileges of the
logged-on user.
Applies to: Windows Vista
Recommendation: Microsoft rates this bulletin as important, and the
vulnerability has not been publicly disclosed. You should test and
deploy this update as part of your normal patch management cycle.

MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow
Elevation of Privilege
This is an elevation of privilege vulnerability that could allow a
guest OS user to run code on the host OS. This exploit can be leveraged
only by users of the guest OS who have been granted administrative
privileges.
Applies to: Virtual PC 2004, Virtual Server 2005/2005R2, and Virtual PC
for Mac 6 and 7
Recommendation: This update is specific to customers running Virtual PC
and Virtual Server. Microsoft rates it as important, so if you are
using these products in your environment, you should test and patch as
part of your usual patch management routine.

MS07-050: Vulnerability in Vector Markup Language Could Allow Remote
Code Execution
The attack vector for this exploit is a specially crafted Web page. If
unpatched, users navigating to the page could inadvertently trigger
remote code execution, compromising the target computer.
Applies to: Internet Explorer (IE) on all versions of Windows
Recommendation: Consult the associated Microsoft article (938127)
because customers have experienced documented issues when applying this
update. The vulnerability has been privately reported, so you should
perform testing and deploy this update at your earliest convenience.
================================================================
Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://list.windowsitpro.com/t?ctl=623EE:4160B336D0B60CB11FB06D9EE5268CA4
http://list.windowsitpro.com/t?ctl=623F0:4160B336D0B60CB11FB06D9EE5268CA4
Windows IT Pro, a division of Penton Media, Inc.
Copyright 2007, Penton Media, Inc. All rights reserved.