Status Tracking Note TRTA07-345A

Microsoft Updates for Multiple Vulnerabilities

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, gain elevated privileges, or crash a vulnerable system.
Event Information

Date (UTC)Description
2008-01-08 Bugtraq
Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit
Microsoft DirectX Code Execution Vulnerability Parsing SAMI Files Proof Of Concept (CVE-2007-3901,MS07-064)
#Cid: 26789.py
#Tested: Windows 2000 SP4 [EN], DirectX 7.0 (4.07.00.0700)
2007-12-21 Bugtraq
MS Windows 2000 AS SP4 Message Queue Exploit (MS07-065)
Message Queuing Service Remote Code Execution Vulnerability Proof Of Concept (CVE-2007-3039,MS07-065)
#Cid: MessageQueueexpl.c
#Tested: Windows 2000 Advanced Server [ES]
2007-12-19 17:40 Microsoft
Knowledge Base (946627): Internet Explorer 6 crashes after you install security update 942615 on a computer that is running Windows XP Service Pack 2
Cumulative Security Update for Internet Explorer (MS07-069)
2007-12-18 Bugtraq
Windows Message Queuing Service Remote RPC BOF Exploit (MS07-065)
Message Queuing Service Remote Code Execution Vulnerability Proof Of Concept (CVE-2007-3039,MS07-065)
#Cid: 26797.c
#Tested: Windows 2000 + SP4
2007-12-14 18:28 Symantec
ThreatCON (2) => (1)
2007-12-12 01:11 JPCERT/CC
JPCERT-AT-2007-0024: Dec 2007 Microsoft Security Bulletin (including three critical patches)
2007-12-11 23:47 SANS Internet Storm Center
December black tuesday overview
Overview of the December 2007 Microsoft patches and their status.
2007-12-11 22:36 US-CERT
TA07-345A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2007-12-11 16:00 Symantec
ThreatCON (1) => (2)
2007-12-11 08:00 Microsoft
MS07-DEC: Microsoft Security Bulletin Summary for December 2007
Included in this advisory are updates for newly discovered vulnerabilities.
2007-12-11 06:07 US-CERT
Microsoft Releases December Security Bulletins
US-CERT Current Activity
Microsoft has released updates to address vulnerabilities in Windows, DirectX, DirectShow, Windows Media Format Runtime, and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2007.
2007-12-11 IBM Internet Security Systems
Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities
Two vulnerabilities in Microsoft DirectShow could allow remote code execution. By creating a malicious file and enticing a user to click a link or open a file, an attacker could remotely execute unauthorized code with the privileges of the user.
2007-12-11 IBM Internet Security Systems
Multiple (4) Microsoft Windows Media Player .ASF Remote Code Execution Vulnerabilities
Four vulnerabilities in Microsoft Windows Media Player could allow remote code execution. By creating a malicious .ASP file and enticing a user to click a link or open a file, an attacker could trigger a heap overflow through a malformed ASF stream and remotely execute unauthorized code with the privileges of the user.
2007-11-05 Microsoft
Microsoft Security Advisory (944653): Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow Elevation of Privilege
Macrovision Driver Vulnerability (CVE-2007-5587,MS07-067)
2007-10-16 17:23 Symantec
Symantec Security Response Weblog: Privilege Escalation Exploit In the Wild
Macrovision Driver Vulnerability (CVE-2007-5587,MS07-067)
During the weekend I found an interesting sample exploiting a possibly new and undocumented vulnerability for Windows XP and 2003. The exploit is a local privilege escalation that allows users with a restricted account to gain a SYSTEM shell with higher privileges.
2007-09-28 iDefense
Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability
Microsoft DirectX Code Execution Vulnerability Parsing SAMI Files (CVE-2007-3901,MS07-064)
Vulnerability Reported
This vulnerability exists in the DirextShow SAMI parser, which is implemented in quartz.dll. When the SAMI parser copies parameters into a stack buffer, it does not properly check the length of the parameter. As such, parsing a specially crafted SAMI file can cause a stack-based buffer overflow.
2007-07-20 Zero Day Initiative (ZDI)
ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2007-5344,MS07-069)
Vulnerability Reported
2007-07-20 Zero Day Initiative (ZDI)
ZDI-07-073: Microsoft Internet Explorer setExpression Code Execution Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2007-3902,MS07-069)
Vulnerability Reported
2007-05-22 Zero Day Initiative (ZDI)
ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2007-3903,MS07-069)
Vulnerability Reported
2007-05-08 iDefense
Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2007-3902,MS07-069)
Vulnerability Reported
The vulnerability lies in the JavaScript setExpression method, which is implemented in mshtml.dll. When malformed parameters are supplied, memory can be corrupted in a way that results in Internet Explorer accessing a previously deleted object. By creating a specially crafted web page, it is possible for an attacker to control the contents of the memory pointed to by the released object.
2007-04-02 Zero Day Initiative (ZDI)
ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability
Message Queuing Service Remote Code Execution Vulnerability (CVE-2007-3039,MS07-065)
Vulnerability Reported


Date first published (UTC): 2007-12-16T15:27+00:00
Date last updated (UTC): 2008-01-14T20:46+00:00