Two new and one updated advisory discussing PoC and exploits

Lennart Wistrand here. This week we’ve seen both proof of concept code posted for a Windows Shell vulnerability. We have also seen limited exploits of a previously publicly disclosed vulnerability in DirectAnimation as well as limited exploits of a PowerPoint vulnerability.
We’ve made the Windows Shell advisory available to advise customers of this public PoC. The advisory calls out mitigating factors and workarounds and does also touch upon our plans around releasing a security update that addresses this. The advisory can be found here.

We’ve also made a small update to the DirectAnimation advisory to call out that we have seen very limited attacks occur. That advisory can be found here.

Finally, we’ve published a PowerPoint advisory as well regarding limited attacks using specially crafted PowerPoint files.
In each case, user interaction is required for a successful exploit to occur and our Safe Browsing guidance applies. Reading e-mail using Outlook or Outlook Express can, in and of itself, not put you at risk but if you click on a link in an e-mail from an untrusted source you could be at risk. Keep your anti-virus software up to date and use caution when browsing. Please refer to the advisories for a more in-depth discussion of this.
We are working overtime to help get all of you more secure and we do continue to encourage security researchers to work with us towards resolutions to vulnerabilities that are discovered.
-Lennart
*This posting is provided "AS IS" with no warranties, and confers no rights.*
Article:


http://209.34.241.68/msrc/archive/2006/09/29/459967.aspx

Comments

Post a Comment

Popular posts from this blog

Exchange Server Error -1018: How Microsoft IT Recovers Damaged Exchange Databases

Image
I found this paper on the showcase site from microsoft I hope it is of help to you. It sure helped me!     Technical White Paper Published: August 1, 2005 Executive Summary Error –1018 (JET_errReadVerifyFailure) is a familiar—and dreaded—error in Microsoft® Exchange Server. It indicates that an Exchange database file has been damaged by a failure or problem in the underlying file system or hardware. This paper explains the conditions that result in error –1018. It also covers the detection mechanisms that Exchange uses to discover and recover from damage to its database files. The Microsoft Information Technology group (Microsoft IT) runs one of the most extensive Exchange Server organizations in the world. Exchange administrators at Microsoft have investigated and recovered from dozens of –1018 error problems. This paper shows you how Microsoft IT monitors fo
Read more

Server and Domain Isolation Using IPsec and Group Policy

Image
Microsoft Solutions for Security and Compliance Server and Domain Isolation Using IPsec and Group Policy © 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-NonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. Table of Contents Chapter 1: Introduction to Server and Domain Isolation. 1 Executive Summary. 1 Who Should Read This Guide. 2 The Business Challenge. 3 The Business Benefits. 3 The Technology Challenge. 4 Creating a Project Team.. 6 Guide Overview.. 7 Chapter 1: Introduction to Server and Domain Isolation. 7 Chapter 2: Understanding Server and Domain Isolation. 7 Chapter 3: Determining the Current State of Your IT Infrastructure. 7 Chapter 4: Designing and Planning Isolation Groups. 8 Chapter 5: Creating IPsec Policies for Isolation Groups.
Read more

[Solved] The Group Policy client-side extension Internet Explorer Zonemapping failed to execute

Image
I had the error below in my application eventlog.     Event Type:    Error Event Source:    Userenv Event Category:    None Event ID:    1085 Date:        30-09-2008 Time:        15:20:30 User:        NT AUTHORITY\SYSTEM Computer:    TBG-TS01 Description: The Group Policy client-side extension Internet Explorer Zonemapping failed to execute. Please look for any errors reported earlier by that extension. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp .   My problem was with my site to zone assignment list I used a wildcard like this: “ *microsoft.com ” but what you need to do is this “ *.microsoft.com ” So it is safe to say that the documentation from microsoft needs some sort of an update stating that you can only use a wildcard infront of dot. Below is the microsoft explaination:   This policy setting allows you to manage a list of sites that you want to associate with a particular s
Read more