Microsoft provided details on 12 security vulnerabilities -- eight of which it designated as critical -- in its monthly Patch Tuesday release.
Internet Explorer was the focus of two critical patches. One addresses a flaw in the Web browser that could provide a pathway for remote code execution, expose sensitive information, and give third parties the ability to create accounts on the host operating system. The other fixes an issue in which malicious Web content could be used to corrupt memory in Jscript and lead to remote code execution. Microsoft recommends that users install both patches at the same time.
Three of the critical patches released Tuesday address image processing vulnerabilities that could lead to remote code execution. One addresses a newly discovered vulnerability in Windows Media Player related to how it handles PNG images. Another patch protects machines by removing support for .art image files -- a proprietary image format used by AOL client software -- from Internet Explorer. Still another patch fixes a flaw in the Graphics Rendering Engine of Windows 98, 98SE, and ME.
Microsoft's Routing and Remote Access Services (RRAS), which is used to connect PCs to remote networks over dialup modems and for LAN/WAN connections through VPNs, is the focus of one critical update. The flaw could allow attackers to gain unauthorized access to networks from a remote location.
Another patch fixes the vulnerability in Microsoft Word that came to light last month. The exploit shows up as an e-mail with an infected Word attachment that, if opened, drops a backdoor on the PC, enabling a remote user to gain access to the machine for collecting or altering data, creating new user accounts or launching more attacks.
A remote code execution flaw in PowerPoint was the focus of the final critical update. This exploit takes the form of a malicious PowerPoint document with a malformed record that's capable of corrupting system memory, making it possible to execute code. Microsoft classifies the patch as critical for Powerpoint 2000 and important for Mac and other versions.
Microsoft also released a patch for a remote code execution vulnerability in the TCP/IP protocol driver that could enable attackers to gain control of infected machines. Although Microsoft designated this flaw as important, researchers at the SANS Internet Storm Center disagreed.
"We at the Internet Storm Center feel that it is very critical [and easy to exploit]. One spoofed packet could allow an attacker to "own" a vulnerable system. The TCP/IP stack is vulnerable to a buffer overflow in the handling of source routed packets," read a posting on the organization's website.
To protect systems, SANS Internet Storm researchers recommended blocking packets with source routing options in the firewall, using personal firewall software, and disabling source routing in Windows by setting a registry key.
|
10 Challenges That HP Wants Partners To Tackle Right Now CRN speaks with HP's business unit chiefs to get a sense of where they'd like partners to focus in the coming year, as well as how CEO Meg Whitman is making a difference. |
|
VAR500: IBM Strikes Deal With Ukraine Bank; HP Bolsters Health-Care Practice CRN VAR500 solution providers win health-care contracts, work on European banking solution, create a platform for microlending, sharing info on cloud computing and more. |
|
Five Companies That Dropped The Ball This Week For the week ending Feb. 3, CRN looks at five companies that were either asleep at the wheel or just didn't make good decisions. |
 More
Slide Shows |
