Slashdot Mirror


Three New Microsoft Bulletins

Jimmy M writes "Microsoft has released three security bulletins for January, which correct vulnerabilities in the handling of Icon and Cursor files, Indexing Services, and HTML Help. Bulletin MS05-001 (HTML Help) is the Extremely Critical vulnerability (Demonstration) that Secunia warned about last week - nice to see a quick move from MS. All updates are available from Windows Update."

13 of 224 comments

  1. XP SP2 by Rolan · · Score: 4, Informative

    It should be noted that those with XP SP2 are only affected by MS05-001.

    --
    - AMW
  2. RCE via Active-X, again by Lindsay+Lohan · · Score: 2, Informative

    Microsoft Security Bulletin MS05-001 addresses the cross-domain vulnerability with their HTML Help Active-X control. Microsoft mentions that it's "newly" discovered, but see the proof-of-concept at Security Focus--posted into BugTraq almost a month ago.

    Incidentally, if you're one of those rare Windows users running IE in restricted (ESC) mode, your vulnerability is mitigated... surprise, surprise.

  3. What I find more interesting.. by MrP-(at+work) · · Score: 5, Informative

    It would also seem Microsoft released "Malicious Software Removal Tool" on WindowsUpdate.

    It finds and fixes some common worms.. They plan on releasing a new version every second Tuesday of each month, and each new version will continue to clean worms from the previous versions.

    Wonder what the antivirus companies think about this

    1. Re:What I find more interesting.. by dewke · · Score: 4, Informative

      I think this sums it up nicely.

      --
      Oderint dum metuant
  4. More information... by MrP-(at+work) · · Score: 4, Informative

    This page has more technical information about the tool.

  5. Re:Quick? by Jugalator · · Score: 2, Informative

    On the other hand, Microsoft posted a workaround for the problem 6 days after Secunia discovered the flaw.

    --
    Beware: In C++, your friends can see your privates!
  6. It's not that interesting by Anonymous Coward · · Score: 1, Informative

    Wonder what the antivirus companies think about this

    Probably very little...

    McAfee already publishes a similar tool called Stinger which is periodically updated to cover new worms.

  7. Re:Spite by RAMMS+EIN · · Score: 4, Informative

    ``How many will reply to me saying I'm out of my mind?''

    At least one. The vulnerability was updated on 2004-10-21. That means it existed at least about 3 months before the fix. I don't know about you, but I don't call that quick.

    --
    Please correct me if I got my facts wrong.
  8. Some clarifications and important notes by Jugalator · · Score: 5, Informative

    First, Secunia released the advisory for Windows security update 890175 (MS05-001) back on 2004-10-20. Secunia linked to a workaround for the flaw 8 days after this, that was posted by Microsoft. Secunia increased the severity rating on 2005-01-07, and 4 days later, Microsoft has now posted an actual fix.

    Now, the story, unfortunately for Windows users, and fortunately for e.g. open source evangelists, it seems like there are some things to be aware of if needing to uninstall the fix, for example due to possible problems caused by this fix, which are mentioned here, under the "Known Issues" heading.

    In other words, we're talking about one issue that may appear as a direct consequence of installing this (my first link) and another one if you then decide to uninstall this fix (my second link).

    Of course, if you aren't subject to the first problem, you don't need to do a thing and you are indeed living in the environment Microsoft was crossing their fingers for that you would be in.

    --
    Beware: In C++, your friends can see your privates!
  9. At least by bonch · · Score: 2, Informative

    At least it's not in the kernel...

    I've seen plenty of weird things in Linux distros, like privilege escalation in MPlayer. MPlayer, a video player! People really need to start paying attention to LinuxSecurity and witness all the monthly vulnerabilities for their distros. They rarely get mentioned on Slashdot (for whatever reason).

    Random sampling from Gentoo's advisory list:

    Gentoo: HylaFAX hfaxd unauthorized login vulnerability
    Date: Tuesday, 11 January 2005
    HylaFAX is subject to a vulnerability in its username matching code, potentially allowing remote users to bypass access control lists.

    Gentoo: o3read Buffer overflow during file conversion
    Date: Tuesday, 11 January 2005
    A buffer overflow in o3read allows an attacker to execute arbitrary code by way of a specially crafted XML file.

    Gentoo: imlib2 Buffer overflows in image decoding
    Date: Tuesday, 11 January 2005
    Multiple overflows have been found in the imlib2 library image decoding routines, potentially allowing the execution of arbitrary code.

    Gentoo: Kpdf, Koffice More vulnerabilities in included Xpdf
    Date: Tuesday, 11 January 2005
    KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code if a user is enticed to view a malicious PDF file.

    ...and these were announced on one day! Notice Slashdot is silent.

  10. Sure, why not? by Anonymous+Brave+Guy · · Score: 3, Informative

    Seriously now. How the hell did they work that one in? Security flaws in Icon files.

    Perhaps the same way as the widely-used and open source libpng library had a number of vulnerabilities last year? (ref 1, ref 2)

    Or the same sort or way the Mozilla XBM vulnerability arose? (ref)

    This isn't a new thing, and it's not unique to Microsoft, either.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  11. Re:Beware of favicons... by zerblat · · Score: 2, Informative

    neither has a way to block the display of these icons.

    Actually, in Firefox, set browser.chrome.favicons and browser.chrome.site_icons to false, and you shouldn't see any favicons.

    --
    Please alter my pants as fashion dictates.
  12. Re:Good, now they can start work on the one from 2 by psyon1 · · Score: 2, Informative

    This plugin is part of Visual Studio version 6. However, since the plugin is digitally signed by Microsoft, it may be silently installed through Internet Explorer by any website. The user doesn't have to have Visual Studio installed, they only have to visit a page using the control. And like it states, the control is digitally signed, so it's supposed to be safe, right? "Always allow content from Microsoft.com" is one of the funniest things I've ever seen on computers.