[VulnWatch] Fw: Alert: Microsoft Security Bulletin - MS03-011

From: OC Hosting - Lance L (lance@ochosting.com)
Date: 04/09/03

  • Next message: iDEFENSE Labs: "[VulnWatch] iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration (ISA) S"
    From: "OC Hosting - Lance L" <lance@ochosting.com>
    To: <vulnwatch@vulnwatch.org>
    Date: Wed, 9 Apr 2003 11:52:32 -0700
    
    

    ----- Original Message -----
    From: "Russ" <Russ.Cooper@RC.ON.CA>
    To: <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
    Sent: Wednesday, April 09, 2003 10:10 AM
    Subject: Alert: Microsoft Security Bulletin - MS03-011

    http://www.microsoft.com/technet/security/bulletin/MS03-011.asp

    Flaw in Microsoft VM Could Enable System Compromise (816093)

    Originally posted: April 09, 2003

    Summary

    Who should read this bulletin: Customers using Microsoft® Windows®.

    Impact of vulnerability: Allow attacker to execute code of his or her
    choice.

    Maximum Severity Rating: Critical

    Recommendation: Customers should install build 3810 or later of the
    Microsoft VM, as discussed below

    End User Bulletin: An end user version of this bulletin is available at:
    http://www.microsoft.com/security/security_bulletins/ms03-011.asp

    Affected Software:
    - Versions of the Microsoft virtual machine (Microsoft VM) are identified by
    build numbers, which can be determined using the JVIEW tool as discussed in
    the FAQ. All builds of the Microsoft VM up to and including build 5.0.3809
    are affected by these vulnerabilities.

    Technical description:

    The Microsoft VM is a virtual machine for the Win32® operating environment.
    The Microsoft VM is shipped in most versions of Windows (a complete list is
    available in the FAQ), as well as in most versions of Internet Explorer.

    The present Microsoft VM, which includes all previously released fixes to
    the VM, has been updated to include a fix for the newly reported security
    vulnerability. This new security vulnerability affects the ByteCode Verifier
    component of the Microsoft VM, and results because the ByteCode verifier
    does not correctly check for the presence of certain malicious code when a
    Java applet is being loaded. The attack vector for this new security issue
    would likely involve an attacker creating a malicious Java applet and
    inserting it into a web page that when opened, would exploit the
    vulnerability. An attacker could then host this malicious web page on a web
    site, or could send it to a user in e-mail

    Mitigating factors:
    - In order to exploit this vulnerability via the web-based attack vector,
    the attacker would need to entice a user into visiting a web site that the
    attacker controlled. The vulnerability themselves provide no way to force a
    user to a web site.
    - Java applets are disabled within the Restricted Sites Zone. As a result,
    any mail client that opened HTML mail within the Restricted Sites Zone, such
    as Outlook 2002, Outlook Express 6, or Outlook 98 or 2000 when used in
    conjunction with the Outlook Email Security Update, would not be at risk
    from the mail-based attack vector.
    - The vulnerability would gain only the privileges of the user, so customers
    who operate with less than administrative privileges would be at less risk
    from the vulnerability.
    - Corporate IT administrators could limit the risk posed to their users by
    using application filters at the firewall to inspect and block mobile code.

    Vulnerability identifier: CAN-2003-0111

    This email is sent to NTBugtraq automatically as a service to my
    subscribers. (v1.18)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Have you discovered a security vulnerability related to Windows or a
    commercial product which runs on Windows?

    Need assistance crafting the format or translating your advisory to English?

    Need to verify it, or having problems contacting the Vendor?

    Contact mailto:Advisories@NTBugtraq.com

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


  • Next message: iDEFENSE Labs: "[VulnWatch] iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration (ISA) S"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #401
      ... technical event for ICT security experts. ... MICROSOFT VULNERABILITY SUMMARY ... An attacker can exploit this issue to change the location of a frame ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #176
      ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows XP HCP URI Handler Arbitrary Command Execu... ... PHPNuke Category Parameter SQL Injection Vulnerability ... Microsoft Baseline Security Analyzer Vulnerability Identific... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #252
      ... comprehensive vendor-neutral IT security resource on the web! ... MICROSOFT VULNERABILITY SUMMARY ... An attacker may leverage this issue to overwrite arbitrary files with the ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #242
      ... MICROSOFT VULNERABILITY SUMMARY ... PostNuke Blocks Module Directory Traversal Vulnerability ... Groove Networks Groove Virtual Office COM Object Security By... ... The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to equal the destination source and port. ...
      (Focus-Microsoft)
    • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
      ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
      (Securiteam)