Microsoft released seven bulletins fixing 23 vulnerabilities in their
patch Tuesday announcement today. The Redmond, Wash., software giant
rated three of the bulletins as ‘critical,’ all of which could lead to
remote code execution, and the remaining four as ‘important.’
The
first critical bulletin resolves a privately reported bug in Microsoft
Office through which an attacker could remotely execute code after the
user opens a specially crafted RTF file. Upon successful exploitation,
the attacker would possess the same user rights as the current user.
Users with fewer user rights would be less impacted than those that
operate with administrative user rights.
The second patch resolves
three publicly disclosed bugs and seven privately disclosed ones in
Microsoft Office, Microsoft Windows, the Microsoft .NET Framework, and
Microsoft Silverlight. These could also lead to remote code execution if
an attacker can find a way to trick users into opening a specially
crafted document or visiting a webpage that embeds TrueType font files.
This set of vulnerabilities fixed by the MS12-034 patch
is designed to fix one of the vulnerabilities exploited by the Duqu
malware. Microsoft had already patched that bug in other applications,
but in the last few months it had discovered that a snippet of code that
was part of the CVE-2011-3402 vulnerability was present in other places
in Microsoft products, as well.
"In the time since we shipped
MS11-087, we discovered that several Microsoft products contained a copy
of win32k.sys’s font parsing code. Unfortunately, each copy of the code
also contained the vulnerability addressed by MS11-087. The most
troublesome copy was in gdiplus.dll. We know that several third party
applications – 3rd party browsers in particular – might use gdiplus.dll
to parse and render custom fonts. Microsoft Office’s version of gdiplus,
called ogl.dll, also contained a copy of the vulnerable code.
Silverlight included a copy of the vulnerable code. And the Windows
Journal viewer included a copy of the vulnerable code," Microsoft said
in a blog post today.
"In addition to addressing the
vulnerabilities described in the bulletin, this security update also
closes the malicious keyboard layout file attack vector. Windows Vista
introduced a requirement that all keyboard layout files be loaded from
%windir%\system32. MS12-034 ports that change downlevel to Windows XP
and Windows Server 2003 as well."
The last critically rated
patch fixes two privately reported vulnerabilities in Windows and the
.NET Framework. These could allow for remote code execution on client
systems where the user views a specially crafted webpage that can run
XAML browser applications. Again, users with fewer rights are less
impacted.
As for the four important patches remaining, the first
resolves six vulnerabilities in Microsoft office and the second resolves
one vulnerability in Microsoft Visio viewer. Both vulnerabilities, if
left unpatched, could lead to remote code execution. The last two
important patches could both lead to elevation of privileges. The first
resolves two bugs in TCP/IP and the second resolves a vulnerability in
Windows Partition Manager.
Courtesy by Brian
No comments:
Post a Comment