Alert: Microsoft Security Bulletin MS03-041 - Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 10/21/03
- Previous message: Russ: "Re: Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Oct 2003 17:17:15 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Bulletin URL:
http://www.microsoft.com/technet/security/bulletin/MS03-041.asp
Summary:
Version Number: V1.0
Revision Date: 10-15-2003
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: None
Caveats: None
CVE Number(s): CAN-2003-0660
Tested Software:
Affected Software:
* Microsoft Windows NT Workstation 4.0, Service Pack 6a
<http://www.ntbugtraq.com/link/921466F5-BC40-4E8E-BB57-6B81B57C21B6.asp>
* Microsoft Windows NT Server 4.0, Service Pack 6a
<http://www.ntbugtraq.com/link/21F64FF0-9175-42BE-A8E4-BDC59A98BDF2.asp>
* Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
Pack 6
<http://www.ntbugtraq.com/link/C6688576-4682-4A30-BBD7-1817F2944890.asp>
* Microsoft Windows 2000, Service Pack 2
<http://www.ntbugtraq.com/link/C862E049-58B2-4486-8D98-23183D7EE17D.asp>
* Microsoft Windows 2000, Service Pack 3, Service Pack 4
<http://www.ntbugtraq.com/link/90D27AEC-7D2A-45FD-B85A-E98E574338F1.asp>
* Microsoft Windows XP Gold, Service Pack 1
<http://www.ntbugtraq.com/link/6CDF5303-D767-4D68-9BA7-055E93E87847.asp>
* Microsoft Windows XP 64-bit Edition
<http://www.ntbugtraq.com/link/D92EF2E8-C03A-43C0-B428-D76C4B669151.asp>
* Microsoft Windows XP 64-bit Edition Version 2003
<http://www.ntbugtraq.com/link/4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11.asp>
* Microsoft Windows Server 2003
<http://www.ntbugtraq.com/link/135D8C00-7B4B-4C21-8EAA-D58814635E0D.asp>
* Microsoft Windows Server 2003 64-bit Edition
<http://www.ntbugtraq.com/link/4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11.asp>
Software Not Affected:
* Microsoft Windows Millennium Edition
Technical Description:
There is a vulnerability in Authenticode that, under certain low memory
conditions, could allow an ActiveX control to download and install
without presenting the user with an approval dialog. To exploit this
vulnerability, an attacker could host a malicious Web Site designed to
exploit this vulnerability. If an attacker then persuaded a user to
visit that site an ActiveX control could be installed and executed on
the user's system. Alternatively, an attacker could create a specially
formed HTML e-mail and send it to the user. If the user viewed the HTML
e-mail an unauthorized ActiveX control could be installed and executed
on the user's system. In both scenarios the vulnerability in
Authenticode could allow an unauthorized ActiveX control to be installed
and executed on the user's system, with the same permissions as the
user, without prompting the user for approval. The risk of attack from
the HTML email vector can be significantly reduced if the following
conditions are met:
* You have applied the patch included with Microsoft Security bulletin
MS03-040
* You are using Internet Explorer 6 or later
* You are using the Microsoft Outlook Email Security Update or
Microsoft Outlook Express 6.0 and higher, or Microsoft Outlook 2000 or
higher in their default configuration.
This email is sent to NTBugtraq automatically as a service to my
subscribers. (v2.0)
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, *** covering, and bureaucracy are threatening to derail any
chance of making progress.
-----
- Previous message: Russ: "Re: Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
