US-CERT Technical Cyber Security Alert TA05-165A -- Microsoft Windows and Internet Explorer Vulnerabilities

From: CERT Advisory (cert-advisory_at_cert.org)
Date: 06/15/05

  • Next message: CERT Advisory: "US-CERT Technical Cyber Security Alert TA05-180A -- VERITAS Backup Exec Software is actively being exploited"
    Date: Tue, 14 Jun 2005 20:22:17 -0400
    To: cert-advisory@cert.org
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

                 Technical Cyber Security Alert TA05-165A
         Microsoft Windows and Internet Explorer Vulnerabilities

       Original release date: June 14, 2005
       Last revised: --
       Source: US-CERT

    Systems Affected

         * Microsoft Windows
         * Microsoft Internet Explorer

       For more complete information, refer to the Microsoft Security
       Bulletin Summary for June, 2005.

    Overview

       Microsoft has released updates that address critical vulnerabilities
       in Windows and Internet Explorer. Exploitation of these
       vulnerabilities could allow a remote, unauthenticated attacker to
       execute arbitrary code or cause a denial of service.

    I. Description

       Microsoft Security Bulletins for June, 2005 address a number of
       vulnerabilities in Windows, Internet Explorer, Outlook Express,
       Outlook Web Access, ISA Server, the Step-by-Step Interactive Training
       engine, and telnet. Further information about the more serious
       vulnerabilities is available in the following Vulnerability Notes:

       VU#189754 - Microsoft Internet Explorer buffer overflow in PNG image
       rendering component

       A buffer overflow in the PNG image rendering component of Microsoft
       Internet Explorer may allow a remote attacker to execute code on a
       vulnerable system.
       (CAN-2005-1211)

       VU#489397 - Microsoft Server Message Block vulnerable to buffer
       overflow

       Microsoft Server Message Block (SMB) is vulnerable to a buffer
       handling flaw when processing incoming SMB packets that may lead to
       remote code execution.
       (CAN-2005-1206)

       VU#851869 - Microsoft HTML Help input validation error

       Microsoft HTML Help fails to properly validate input data, allowing a
       remote attacker to execute arbitrary code.
       (CAN-2005-1208)

    II. Impact

       Exploitation of the most serious of these vulnerabilities could allow
       a remote, unauthenticated attacker to execute arbitrary code with
       SYSTEM privileges. This would allow an attacker to take complete
       control of a vulnerable system. An attacker could also execute
       arbitrary code with user privileges, or cause a denial of service.

    III. Solution

    Apply updates

       Microsoft has provided the patches for these vulnerabilities in the
       Security Bulletins and on Windows Update.

    Workarounds

       Please see the individual vulnerability notes for workarounds.

    Appendix A. References

         * Microsoft Security Bulletin Summary for June, 2005 -
           <http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx>

         * US-CERT Vulnerability Note VU#189754 -
           <http://www.kb.cert.org/vuls/id/189754>

         * US-CERT Vulnerability Note VU#489397 -
           <http://www.kb.cert.org/vuls/id/489397>

         * US-CERT Vulnerability Note VU#851869 -
           <http://www.kb.cert.org/vuls/id/851869>

         * CAN-2005-1211 -
           <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1222>

         * CAN-2005-1206 -
           <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1206>

         * CAN-2005-1208 -
           <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1208>

         * Microsoft Windows Update - <http://windowsupdate.microsoft.com/>
       _________________________________________________________________

       Feedback can be directed to the US-CERT Technical Staff
       _________________________________________________________________

       Revision History

       June 14, 2005: Initial release
       _________________________________________________________________

       This document is available from:
      
       <http://www.us-cert.gov/cas/techalerts/TA05-165A.html>

       Produced 2005 by US-CERT, a government organization.

       Terms of use

       <http://www.us-cert.gov/legal.html>

        For instructions on subscribing to or unsubscribing from this
        mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
        
        
        
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iQEVAwUBQq9ymBhoSezw4YfQAQKK/AgAgA+TNjR3BwQXMLkf56jTFQdMprSELPAP
    DaVkL2LeFT13v/z2QHiQMMA5SJT8nOxHlIm1mxhOo1jmTLU3Rjj4tRDaIMI2Q/2I
    y/m02Xt0DeR13TcVISxWo2dKEvZ6rh0HOEpL/OS3SAUH2lWRUgUhaAG4Tag5afWd
    Ts6bcTplXhPqVYY9u/QFxGs1hrr5ntsFqxaZz02HQVgaVYqimH8WgkXURO/VPqA9
    f7LUa3elNkIK15vmE3yTHPnWV4Dq5rfUq2G6aFXSD9KxZPqACCAcH7K+6KEgU5z9
    dYzKcGrEDHn2/2es2UhzGvJcDx1JiNG5pH7mGMm0b2lp+jZ47j6z7g==
    =BD3k
    -----END PGP SIGNATURE-----


  • Next message: CERT Advisory: "US-CERT Technical Cyber Security Alert TA05-180A -- VERITAS Backup Exec Software is actively being exploited"

    Relevant Pages

    • Re: What Is Blue Screen of Death? I Think I have it!
      ... Have discovered Welchia again on my computer. ... Thanks a million Microsoft. ... not for the vulnerabilities. ... I would estimate that if the original Windows XP ...
      (microsoft.public.windowsxp.help_and_support)
    • SecurityFocus Microsoft Newsletter #305
      ... Microsoft Office security, part one ... Microsoft Internet Explorer Multiple COM Object Color Property Denial of Service Vulnerabilities ... An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. ...
      (Focus-Microsoft)
    • US-CERT Technical Cyber Security Alert TA04-212A -- Critical Vulnerabilities in Microsoft Windows
      ... These vulnerabilities affect the following versions of Microsoft ... Microsoft Internet Explorer contains three vulnerabilities that may ... attacker depend on the software component being attacked. ...
      (Cert)
    • Critical megapatch sews up 10 holes in IE
      ... In addition, Microsoft ... a product manager at security company Qualys. ... the five updates, the IE and Windows updates, are especially critical as ... Eight of the 10 vulnerabilities repaired by the IE update could be ...
      (comp.sys.mac.advocacy)
    • Is this a hackers trick?? **WARNING**
      ... out whether it was legit or not,,, i have norton security ... >((Microsoft Customer, ... >MS Outlook/Express as well as six new vulnerabilities, ... >malicious Web site operator to open two browser windows, ...
      (microsoft.public.security)