Jump to content


Photo

MS Security Advisories


  • Please log in to reply
316 replies to this topic

#101 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 08 June 2008 - 03:53 AM

FYI...

Microsoft Security Advisory (953818)
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
- http://www.microsoft...ory/953818.mspx
Revisions:
• May 30, 2008: Advisory published.
• June 6, 2008: Modified the steps in the workaround and added acknowledgment.

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#102 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 16 June 2008 - 06:18 AM

FYI...

Microsoft Security Advisory (954474)
System Center Configuration Manager 2007 Blocked from Deploying Security Updates
- http://www.microsoft...ory/954474.mspx
June 13, 2008 - "Microsoft is investigating public reports of a non-security issue that affects environments with System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft is aware of reports from customers who are experiencing this issue. Upon completion of the investigation, Microsoft will take the appropriate action to resolve the problem within System Center Configuration Manager 2007.
Mitigating Factors:
• This issue impacts customers using System Center Configuration Manager 2007 servers to deploy updates to SMS 2003 clients..."

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#103 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 18 June 2008 - 04:57 AM

FYI...

Microsoft Security Advisory (954474)
System Center Configuration Manager 2007 Blocked from Deploying Security Updates
- http://www.microsoft...ory/954474.mspx
Updated: June 17, 2008 - "... Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474*. Microsoft encourages customers affected by this issue to review and install this update..."
* http://support.microsoft.com/kb/954474
Last Review: June 17, 2008
Revision: 2.1
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#104 quietman7

quietman7

    quietman7

  • Helper
  • PipPipPipPipPip
  • 680 posts

Posted 20 June 2008 - 05:19 AM

MS08-030 Re-released for Windows XP SP2 and SP3
Microsoft Security Bulletin MS08-030 – Updated: June 19, 2008

Microsoft urges XP SP2, SP3 users to reinstall patch

Microsoft yesterday reissued a patch originally released last week. The software giant urged users of Windows XP SP2 and SP3 to install it promptly, in order to close a critical flaw in Windows.

Microsoft said patch MS08-030, issued on Patch Tueday 'June 10', did not completely solve a vulnerability in Windows XP's Bluetooth stack that could allow a hacker to execute code on the compromised machine. The same patch also covered Windows Vista, but Microsoft said the problem does not affect that version of the operating system...blamed the issue on "two separate human issues"...

pcadvisor.co

.
Windows Insider MVP 2017-2019
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#105 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 25 June 2008 - 05:42 AM

FYI...

Microsoft Security Advisory (954462)
Rise in SQL Injection Attacks Exploiting Unverified User Data Input
- http://www.microsoft...ory/954462.mspx
June 24, 2008 - "Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine.
Mitigating Factors:
This vulnerability is not exploitable in Web applications that follow generally accepted best practices for secure Web application development by verifying user data input...
(See) Suggested Actions..."
• Detection – HP Scrawlr - http://preview.tinyurl.com/4qkk6g ...
• Defense – UrlScan - http://learn.iis.net...3/using-urlscan
• Identifying - Source Code Analyzer for SQL Injection - http://support.microsoft.com/kb/954476
• Additional Info...

Microsoft SQL Injection Prevention Strategy
- http://isc.sans.org/...ml?storyid=4621
Last Updated: 2008-06-24 22:17:41 UTC - "...Microsoft recommends three approaches to help mitigate SQL Injection.
• Runtime scanning...
• URLScan...
• Code Scanning..."

- http://atlas.arbor.n...index#361782669
June 25, 2008 - "Microsoft today released security tools to help customers deal with SQL Injection Attacks. UrlScan, Microsoft Source Code Analyzer for SQL Injection and Scrawlr can be used by customers to check for SQL Injection issues in their applications.
Analysis: The release of these tools comes in a time when SQL injection is increasingly exploited. UrlScan is used to restrict HTTP requests that IIS will process."
* http://preview.tinyurl.com/5t2sbh
(blogs.technet.com)

:!:

Edited by apluswebmaster, 26 June 2008 - 08:36 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#106 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 01 July 2008 - 04:41 AM

FYI...

Microsoft Security Advisory (954960)
Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates
- http://www.microsoft...ory/954960.mspx
June 30, 2008 - "Microsoft is investigating public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft is aware of reports from customers who are experiencing this issue. Upon completing the investigation, Microsoft will take appropriate action to resolve the issue within Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1.

Note: The issue affecting System Center Configuration Manager 2007 first described in Microsoft Security Advisory 954474, where System Center Configuration Manager 2007 systems were blocked from deploying security updates, is separate from the issue described in this advisory.
Mitigating Factors:
• This issue is limited to customers who deploy updates through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1, and have Microsoft Office 2003 installed in their environments..."

- http://preview.tinyurl.com/6xdp79
June 30, 2008 (MSRC blog)

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#107 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 07 July 2008 - 03:10 PM

FYI...

Microsoft Security Advisory (955179)
Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution
- http://www.microsoft...ory/955179.mspx
July 7, 2008 - "Microsoft is investigating active, targeted attacks leveraging a potential vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. The ActiveX control for the Snapshot Viewer for Microsoft Access enables you to view an Access report snapshot without having the standard or run-time versions of Microsoft Office Access. The vulnerability only affects the ActiveX control for the Snapshot Viewer for Microsoft Office Access 2000, Microsoft Office Access 2002, and Microsoft Office Access 2003. The ActiveX control is shipped with all supported versions of Microsoft Office Access except for Microsoft Office Access 2007. The ActiveX control is also shipped with the standalone Snapshot Viewer...
Suggested Actions / Workarounds:
Microsoft has tested the following workarounds. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, this is stated in the entry.
• Prevent COM objects from running in Internet Explorer
You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry..."

(Kill bit listings shown in the advisory at the URL above.)

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#108 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 08 July 2008 - 09:02 PM

FYI...

Microsoft Security Advisory (953635)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
- http://www.microsoft...ory/953635.mspx
July 8, 2008 - "Microsoft is investigating new public reports of a possible vulnerability in Microsoft Office Word 2002 Service Pack 3. Our initial investigation indicates that customers who use all other supported versions of Microsoft Office Word, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and Microsoft Office for Mac are not affected. At this time, Microsoft is aware of limited, targeted attacks that attempt to use this vulnerability. While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability.
Microsoft is investigating the public reports and customer impact. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers..."

- http://preview.tinyurl.com/5vec22
July 08, 2008 (blogs.technet.com/msrc)

!!!
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#109 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 09 July 2008 - 10:03 PM

FYI...

Microsoft Security Advisory (954960)
Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates
- http://www.microsoft...ory/954960.mspx
Published: June 30, 2008 | Updated: July 9, 2008 - "Microsoft has completed the investigation into public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954960*. Microsoft encourages customers affected by this issue to review and install this update..."
* http://support.microsoft.com/kb/954960
Last Review: July 9, 2008
Revision: 2.0

//
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#110 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 July 2008 - 08:32 PM

FYI...

Update 2: Microsoft Security Advisory (954960)
- http://blogs.technet...ory-954960.aspx
July 10, 2008 - "...customers running Windows Server Update Services 3.0 Service Pack 1 on Windows Server 2008 may experience an issue installing the update provided in Microsoft Knowledge Base Article 954960*. The update does not correctly elevate privileges, which are required for the installation to complete. In order to successfully install this update we have identified steps in Advisory 954960**. Additionally, the update does not place an entry in Add or Remove Programs, and cannot be uninstalled. Microsoft has identified the packaging inconsistencies in the current update and is investigating options to resolve them. We will continue to monitor the situation and post updates to the advisory and the MSRC blog as we become aware of any important new information..."
* http://support.microsoft.com/kb/954960
Last Review: July 11, 2008 -?-
Revision: 3.0

** http://www.microsoft...ory/954960.mspx
• July 10, 2008: Advisory updated to reflect specific installation and uninstallation procedures for the update for Windows Server Update Services running on Windows Server 2008.

//
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#111 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 26 July 2008 - 03:38 AM

FYI...

Microsoft Security Advisory (956187)
Increased Threat for DNS Spoofing Vulnerability
- http://www.microsoft...ory/956187.mspx
July 25, 2008 - "Microsoft released Microsoft Security Bulletin MS08-037* on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet... attacks are likely imminent due to the publicly posted proof of concept..."
* http://www.microsoft...n/ms08-037.mspx
Updated: July 25, 2008
Version: 2.2

- http://support.microsoft.com/kb/953230
Last Review: July 25, 2008
Revision: 4.1

- http://securitylabs....lerts/3141.aspx
07.25.2008

//
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#112 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 02 August 2008 - 10:37 AM

FYI...

Microsoft Security Advisory (954960)
...WSUS Blocked from Deploying Security Updates
- http://www.microsoft...ory/954960.mspx
Updated: August 12, 2008

Some computers do not receive updates from the WSUS server
* http://support.microsoft.com/kb/954960
Last Review: August 12, 2008
Revision: 5.0

//

Edited by apluswebmaster, 13 August 2008 - 06:30 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#113 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 August 2008 - 06:33 AM

FYI...

Microsoft Security Advisory (953839)
Cumulative Security Update of -ActiveX- Kill Bits
- http://www.microsoft...ory/953839.mspx
August 12, 2008 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory. The update includes kill bits for the following third-party software:
• Aurigma Image Uploader. Aurigma has issued an advisory and an update that addresses vulnerabilities...
http://blogs.aurigma...y-bulletin.aspx ...
• HP Instant Support. HP has issued an advisory and an update that addresses vulnerabilities. Please see the advisory from HP for more information...
http://h20000.www2.h...ectID=c01422264 ...
...Customers who are interested in learning more about this update should review Microsoft Knowledge Base Article 953839
- http://support.microsoft.com/kb/953839
August 12, 2008

- http://www.microsoft...ory/953839.mspx
• August 13, 2008: Updated to include links to HP’s Advisories
"...HP has issued -2- advisories..."
* http://h20000.www2.h...ectID=c01422264
** http://h20000.www2.h...ectID=c01439758

//

Edited by apluswebmaster, 14 August 2008 - 05:59 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#114 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 09 October 2008 - 11:00 PM

FYI...

Microsoft Security Advisory (951306)
Vulnerability in Windows Could Allow Elevation of Privilege
- http://www.microsoft...ory/951306.mspx
Published: April 17, 2008 | Updated: October 9, 2008
"Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2, Windows XP Professional Service Pack 3, and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory. Hosting providers may be at increased risk from this elevation of privilege vulnerability.
Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory. Our investigation of this exploit code has verified that it does not affect customers who have applied the workarounds listed...
Revisions:
• April 17, 2008: Advisory published
• April 23, 2008: Added clarification to impact of workaround for IIS 6.0
• August 27, 2008: Added Windows XP Professional Service Pack 3 as affected software.
• October 9, 2008: Added information regarding the public availability of exploit code...

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#115 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 14 October 2008 - 12:58 PM

FYI...

Microsoft Security Advisory (956391)
Cumulative Security Update of ActiveX Kill Bits
- http://www.microsoft...ory/956391.mspx
October 14, 2008 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory...
This update sets the kill bits for the following third-party software:
• Microgaming Download Helper...
• System Requirements Lab...
• PhotoStockPlus Uploader Tool...
This update sets the kill bits for ActiveX controls addressed in previous Microsoft Security Bulletins. These kill bits are being set in this update as a defense in depth measure:
• Unsafe Functions in Office Web Components (328130), MS02-044.
• Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103), MS08-017.
• Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617), MS08-041.
• Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593), MS08-052.
For more information about installing this update, see Microsoft Knowledge Base Article 956391*."
* http://support.microsoft.com/kb/956391
Last Review: October 14, 2008

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#116 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 27 October 2008 - 09:10 PM

FYI...

Microsoft Security Advisory (958963)
Exploit Code Published Affecting the Server Service
- http://www.microsoft...ory/958963.mspx
October 27, 2008 - "Microsoft is aware that detailed exploit code demonstrating code execution has been published on the Internet for the vulnerability that is addressed by security update MS08-067*. This exploit code demonstrates code execution on Windows 2000, Windows XP, and Windows Server 2003. Microsoft is aware of limited, targeted active attacks that use this exploit code. At this time, there are no self-replicating attacks associated with this vulnerability. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue. Our investigation of this exploit code has verified that it does not affect customers who have installed the updates detailed in MS08-067 on their computers. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows..."
* http://www.microsoft...n/MS08-067.mspx

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#117 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 09 December 2008 - 05:16 PM

FYI...

Microsoft Security Advisory (960906)
Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
- http://www.microsoft...ory/960906.mspx
Published: December 9, 2008 - "Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 are -not- affected as these operating systems do not contain the vulnerable code. Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability..."

- http://isc.sans.org/...ml?storyid=5461
Last Updated: 2008-12-10 11:38:37 UTC

- http://blog.trendmic...pad-of-caution/
Dec. 15, 2008 - "...The exploit works by using a specially-crafted .DOC, .WRI, or .RTF file to take advantage of the WordPad vulnerability, thereby causing the said application to crash. This crash may then allow a remote malicious user to take control of an affected system..."

- http://www.microsoft...ory/960906.mspx
• December 15, 2008: Updated the workaround, Disable the WordPad Text Converter for Word 97.

:!:

Edited by apluswebmaster, 16 December 2008 - 01:30 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#118 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 11 December 2008 - 04:31 AM

FYI...

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...ory/961051.mspx
Published: December 10, 2008 - "Microsoft is investigating new public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008... Our investigation of these attacks so far has verified that they are not successful against customers who have applied the workarounds listed in this advisory...
Suggested Actions... Workarounds:
Microsoft has tested the following workarounds. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors...
• Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones...
• Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone...
• Enable DEP for Internet 7..."

:!: :!: :!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#119 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 12 December 2008 - 05:39 AM

FYI...

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...ory/961051.mspx
Revisions:
• December 10, 2008: Advisory published
• December 11, 2008: Revised to include Microsoft Internet Explorer 5.01 Service Pack 4, Internet Explorer 6 Service Pack 1, Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 as potentially vulnerable software. Also added more workarounds...
- Workarounds...
• Use ACL to disable OLEDB32.DLL...
• Unregister OLEDB32.DLL...
• Disable Data Binding support in Internet Explorer 8...

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#120 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 December 2008 - 01:38 AM

FYI...

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...51.mspx?pf=true
• December 12, 2008: Revised to correct operating systems that support Windows Internet Explorer 8 Beta 2. Also added more workarounds and a reference to Microsoft Security Advisory (954462*).

- http://support.microsoft.com/kb/961051
Last Review: December 13, 2008 - Revision: 2.0

Rise in SQL injection attacks exploiting unverified user data input
* http://support.microsoft.com/kb/954462
June 24, 2008

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#121 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 16 December 2008 - 05:28 AM

FYI...

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...ory/961051.mspx
• December 15, 2008: Updated the workarounds, Disable XML Island functionality and Disable Row Position functionality of OLEDB32.dll.
...Registry Editor...

- http://support.microsoft.com/kb/961051
Last Review: December 14, 2008 - Revision: 3.0

:(
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#122 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 17 December 2008 - 12:17 PM

FYI...

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...ory/961051.mspx
December 17, 2008 - "Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-078* to address this issue. For more information about this issue, including download links for an available security update, please review MS08-078. The vulnerability addressed is the Pointer Reference Memory Corruption Vulnerability - CVE-2008-4844**..."

* http://www.microsoft...n/ms08-078.mspx

** http://web.nvd.nist....d=CVE-2008-4844

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#123 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 23 December 2008 - 04:30 AM

FYI...

Microsoft Security Advisory (961040)
Vulnerability in SQL Server Could Allow Remote Code Execution
- http://www.microsoft...ory/961040.mspx
December 22, 2008 - "Microsoft is investigating new public reports of a vulnerability that could allow remote code execution on systems with supported editions of Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon). Systems with Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008 are not affected by this issue. Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory. Our investigation of this exploit code has verified that it does not affect systems that have had the workarounds* listed below applied. Currently, Microsoft is not aware of active attacks that use this exploit code or of customer impact at this time. In addition, due to the mitigating factors for default installations of MSDE 2000 and SQL Server 2005 Express, Microsoft is not currently aware of any third-party applications that use MSDE 2000 or SQL Server 2005 Express which would be vulnerable to remote attack. However, Microsoft is actively monitoring this situation to provide customer guidance as necessary...
* Workarounds...
Deny permissions on the sp_replwritetovarbin extended stored procedure..."

- http://support.microsoft.com/kb/961040
December 23, 2008

- http://isc.sans.org/...ml?storyid=5545
Last Updated: 2008-12-23 14:13:19 UTC
___

- http://www.microsoft...ory/961040.mspx
Updated: February 10, 2009 - "...We have issued MS09-004* to address this issue... The vulnerability addressed is the SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability
- http://web.nvd.nist....d=CVE-2008-5416 ..."

* http://www.microsoft...n/ms09-004.mspx

:!:

Edited by apluswebmaster, 11 February 2009 - 05:33 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#124 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 30 December 2008 - 01:00 PM

FYI...

Microsoft Security Advisory (961509)
Research proves feasibility of collision attacks against MD5
- http://www.microsoft...ory/961509.mspx
December 30, 2008 - "Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method could allow an attacker to generate additional digital certificates with different content that have the same digital signature as an original certificate. The MD5 algorithm had previously shown a vulnerability, but a practical attack had not yet been demonstrated. This new disclosure does not increase risk to customers significantly, as the researchers have not published the cryptographic background to the attack, and the attack is not repeatable without this information. Microsoft is not aware of any active attacks using this issue and is actively working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm. While this issue is not a vulnerability in a Microsoft product, Microsoft is actively monitoring the situation and has worked with affected Certificate Authorities to keep customers informed and to provide customer guidance as necessary...
Mitigating Factors...
• Most public Certificate Authority roots no longer use MD5 to sign certificates, but have upgraded to the more secure SHA-1 algorithm. Customers should contact their issuing Certificate Authority for guidance.
• When visited, Web sites that use Extended Validation (EV) certificates show a green address bar in most modern browsers. These certificates are always signed using SHA-1 and as such are not affected by this newly reported research...
Suggested Actions...
• Do not sign digital certificates with MD5
Certificate Authorities should no longer sign newly generated certificates using the MD5 algorithm, as it is known to be prone to collision attacks. Several alternative and more secure technologies are available, including SHA-1, SHA-256, SHA-384 or SHA-512.
Impact of action: Older hardware-based solutions may require upgrading to support these newer technologies...

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#125 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 11 February 2009 - 04:44 AM

FYI...

Microsoft Security Advisory (960715)
Update Rollup for ActiveX Kill Bits
- http://www.microsoft...ory/960715.mspx
Published: February 10, 2009 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory. The update includes kill bits for previously published Microsoft security bulletins:
MS08-070 - Critical
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
- http://www.microsoft...n/ms08-070.mspx
For more information about installing this update, see:
Update Rollup for ActiveX Kill Bits
- http://support.microsoft.com/kb/960715
February 10, 2009

The update also includes kill bits for the following third-party software:
• Akamai Download Manager...
...Further details can be found in the security release issued by Akamai:
- http://www.akamai.co...t/security.html

• Research in Motion (RIM) AxLoader...
...Further details can be found in the security release issued by RIM:
- http://www.blackberr...ernalId=KB16248

:!:

Edited by apluswebmaster, 12 February 2009 - 01:52 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#126 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 24 February 2009 - 04:50 PM

FYI...

Microsoft Security Advisory (968272)
Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
- http://www.microsoft...ory/968272.mspx
February 24, 2009 - "Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability...
• Users who have installed and are using the Office Document Open Confirmation Tool* for Office 2000 will be prompted with Open, Save, or Cancel before opening a document.
* http://www.microsoft...E6-C9538E9F2A2F

- http://www.securityf...d/33870/exploit
"Symantec has detected active in-the-wild exploit attempts. This issue is detected as 'Trojan.Mdropper.AC'**

Trojan.Mdropper.AC
** http://preview.tinyurl.com/dbz42c
Updated: February 24, 2009 - "Systems Affected: Windows Vista, Windows XP
When the Trojan executes, it may exploit the Microsoft Excel Unspecified Remote Code Execution Vulnerability (BID 33870).
It then drops the following file: %Temp%\rundll.exe (a copy of Downloader)
The Trojan may then attempt to download more files on to the compromised computer from the following locations:
* [http://]61.59.24.55/sb.php?id=[19 RANDOM ASCII CHARACTERS]
* [http://]61.59.24.45/sb.php?id=[19 RANDOM ASCII CHARACTERS]
* [http://]61.221.40.63/sb.php?id=[19 RANDOM ASCII CHARACTERS] ..."

:ph34r: :!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#127 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 27 February 2009 - 12:28 PM

FYI...

Microsoft Security Advisory (967940)
Update for Windows Autorun
- http://www.microsoft...ory/967940.mspx
02/24/2009 - "Microsoft is announcing the availability of an update that corrects a functionality feature that can help customers in keeping their systems protected. The update corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected. When functioning as expected, the NoDriveTypeAutoRun registry key can be used to selectively disable Autorun functionality (e.g. AutoPlay, double click, and contextual menu features associated with Autorun) for drives on a user's system and network. Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file. We encourage Windows customers to review and install this update. This update is available through automatic updating and from the download center. For more information about this issue, including download links for this non-security update, see Microsoft Knowledge Base Article 967715*."
* http://support.microsoft.com/kb/967715

:!:

Edited by apluswebmaster, 27 February 2009 - 01:01 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#128 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 March 2009 - 04:23 AM

FYI...

- http://isc.sans.org/...ml?storyid=6010
Last Updated: 2009-03-13 03:07:43 UTC - "...Microsoft should really fix this vulnerability and pay more attention to local privilege escalation vulnerabilities. While MS released an advisory with suggested workarounds (available at http://www.microsoft...ory/951306.mspx *), I don’t think enough people know about this..."
* Microsoft Security Advisory (951306)
Vulnerability in Windows Could Allow Elevation of Privilege
...
Revisions:
• April 17, 2008: Advisory published
• April 23, 2008: Added clarification to impact of workaround for IIS 6.0
• August 27, 2008: Added Windows XP Professional Service Pack 3 as affected software.
• October 9, 2008: Added information regarding the public availability of exploit code.

:ph34r: :ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#129 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 03 April 2009 - 04:15 AM

FYI...

Microsoft Security Advisory (969136)
Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution
- http://www.microsoft...ory/969136.mspx
April 2, 2009 - "Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability... Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs..."

- http://secunia.com/advisories/34572/
Release Date: 2009-04-03
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched ...

- http://www.cve.mitre...e=CVE-2009-0556

:ph34r:

Edited by apluswebmaster, 03 April 2009 - 11:24 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#130 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 April 2009 - 03:17 PM

FYI...

April 14: MS Support ends for...
- http://www.wservernews.com/
Apr. 10, 2009 - "Next Tuesday (14-Apr-2009), Redmond will no longer offer mainstream support for a bunch of Service Packs flavors, WinXP (Service Pack 0) and W2K3 SP1 among them. They said they will continue to provide free security fixes for XP until 2014. Windows XP still accounts for about 63 percent of all Internet-connected computers, according to March 2009 statistics from Hitslink, while Windows Vista makes up about 24 percent. Here are the Hitslink market share numbers:
http://marketshare.h...e.aspx?qprid=10
Support for WinXP Service Pack 2 is until July 13, 2010. Existing XP users are encouraged to upgrade to the latest SP3. More about this at the "Windows Service Pack Road Map" at Microsoft:
- http://www.microsoft...rvicepacks.mspx ...
... list of products and versions where the support will end on April 14, 2009...
- http://preview.tinyurl.com/s870 ..."

:blink:

Edited by apluswebmaster, 10 April 2009 - 03:23 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#131 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 15 April 2009 - 04:40 AM

FYI...

Microsoft Security Advisory (968272)
Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
- http://www.microsoft...ory/968272.mspx
Published: February 24, 2009 | Updated: April 14, 2009 - "... We have issued MS09-009 to address this issue..."
- http://www.microsoft...n/MS09-009.mspx

Microsoft Security Advisory (960906)
Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
- http://www.microsoft...ory/960906.mspx
Published: December 9, 2008 | Updated: April 14, 2009 - "... We have issued MS09-010 to address this issue..."
- http://www.microsoft...n/MS09-010.mspx

Microsoft Security Advisory (953818)
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform
- http://www.microsoft...ory/953818.mspx
Published: May 30, 2008 | Updated: April 14, 2009 - "... Customers running Safari on Windows should review this advisory. We have issued Microsoft Security Bulletin MS09-014, Cumulative Security Update for Internet Explorer (963027), and MS09-015, Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426), to address this issue. For more information about this issue, including download links for security updates, please review MS09-014 and MS09-015.
- http://www.microsoft...n/ms09-014.mspx
- http://www.microsoft...n/ms09-015.mspx
Apple Support has released a security advisory that addresses the vulnerability in Apple’s Safari 3.1.2 for Windows. Please see Apple security advisory About the security content of Safari 3.1.2 for Windows for more information.
- http://support.apple.com/kb/HT2092
Mitigating Factors:
• Customers who have changed the default location where Safari downloads content to the local drive are not affected by this blended threat..."

Microsoft Security Advisory (951306)
Vulnerability in Windows Could Allow Elevation of Privilege
- http://www.microsoft...ory/951306.mspx
Published: April 17, 2008 | Updated: April 14, 2009 - "... We have issued MS09-012 to address this issue..."
- http://www.microsoft...n/ms09-012.mspx

:!:

Edited by apluswebmaster, 22 April 2009 - 07:10 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#132 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 May 2009 - 09:46 AM

FYI...

Microsoft Security Advisory (969136)
Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution
- http://www.microsoft...ory/969136.mspx
Updated: May 12, 2009 - "...We have issued MS09-017* to address this issue..."
* http://www.microsoft...n/ms09-017.mspx

- http://web.nvd.nist....d=CVE-2009-0556

// At least one of the vulnerabilities is actively being exploited in the wild.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#133 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 19 May 2009 - 03:39 AM

FYI...

Microsoft Security Advisory (971492)
Vulnerability in Internet Information Services Could Allow Elevation of Privilege
- http://www.microsoft...ory/971492.mspx
May 18, 2009 - "Microsoft is investigating new public reports of a possible vulnerability in Microsoft Internet Information Services (IIS). An elevation of privilege vulnerability exists in the way that the WebDAV extension for IIS handles HTTP requests. An attacker could exploit this vulnerability by creating a specially crafted anonymous HTTP request to gain access to a location that typically requires authentication. We are not aware of attacks that are trying to use this vulnerability or of customer impact at this time. Microsoft is investigating the public reports...
Workarounds:
- Disable WebDAV...
- Alternate method to disable WebDAV on IIS 5.0 and IIS 5.1...
- Alternate method to disable WebDAV on IIS 5.1 and IIS 6.0...
- Change file system ACLs to deny access to the anonymous user account...

- http://web.nvd.nist....d=CVE-2009-1676
Last revised: 05/20/2009
CVSS v2 Base Score: 7.6 (HIGH)

> http://blogs.technet...ion-bypass.aspx
May 18, 2009

- http://atlas.arbor.n...ndex#1027953690
May 18, 2009

:!:

Edited by apluswebmaster, 21 May 2009 - 11:45 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#134 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 28 May 2009 - 04:57 PM

FYI...

Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
- http://www.microsoft...ory/971778.mspx
May 28, 2009 - "Microsoft is investigating new public reports of a new vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if user opened a specially crafted QuickTime media file. Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable... Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers..."

- http://www.theregist..._vulnerability/
28 May 2009 22:37 GMT - "... Microsoft has offered several work-arounds until a patch is available. The most straight-forward of them involves visiting this link* and clicking on the "Fix it" icon. (We got an error when using Firefox, but it worked fine with Internet Explorer)..."
* http://support.micro...ixItForMeAlways
June 3, 2009 (Get the Enable Workaround "FixIt" here. MUST be run in Admin mode.)

> http://web.nvd.nist....d=CVE-2009-1537
Last revised: 06/09/2009
CVSS v2 Base Score: 9.3 (HIGH)
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service...

- http://secunia.com/advisories/35268/2/
Release Date: 2009-05-29
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched...
Solution: Disable the parsing of QuickTime content in quartz.dll. Please see the vendor's advisory for more information. Do not browse untrusted websites or follow untrusted links. Do not open untrusted media files...

:ph34r:

Edited by apluswebmaster, 08 July 2009 - 04:42 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#135 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 June 2009 - 10:26 AM

FYI...

Microsoft Security Advisory (971888)
Update for DNS Devolution
- http://www.microsoft...ory/971888.mspx
Published or Last Updated: 6/9/2009

Microsoft Security Advisory (971492)
Vulnerability in Internet Information Services Could Allow Elevation of Privilege
- http://www.microsoft...ory/971492.mspx
Published: May 18, 2009 | Updated: June 9, 2009 - "... We have issued MS09-020 to address this issue..." - http://www.microsoft...n/MS09-020.mspx

Microsoft Security Advisory (969898)
Update Rollup for ActiveX Kill Bits
- http://www.microsoft...ory/969898.mspx
June 9, 2009 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory.
The update includes a kill bit from a previously published Microsoft Cumulative Update:
• Microsoft Visual Basic 6.0 Service Pack 6 Cumulative Update (KB957924)
- http://www.microsoft...;displaylang=en
The update also includes kill bits for the following third-party software:
• Derivco. This security update sets a kill bit for an ActiveX control developed by Derivco. Derivco has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from Derivco. This kill bit is being set at the request of the owner of the ActiveX controls...
• eBay Advanced Image Upload Component. This security update sets a kill bit for an ActiveX control developed by eBay. eBay has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from eBay. This kill bit is being set at the request of the owner of the ActiveX controls...
• HP Virtual Room v7.0. This security update sets a kill bit for an ActiveX control developed by Research In Motion (RIM). RIM has released a security update that addresses a vulnerability in the affected component. For more information and download locations, see the security release from HP. This kill bit is being set at the request of the owner of the ActiveX controls..."

Microsoft Security Advisory (945713)
Vulnerability in Web Proxy Auto-Discovery (WPAD) Could Allow Information Disclosure
- http://www.microsoft...ory/945713.mspx
Published: December 3, 2007 | Updated: June 9, 2009 - "... We have issued MS09-008 to address the WPAD issue and have released configuration guidance and updates for DNS devolution in Microsoft Security Advisory 971888. The vulnerabilities addressed are DNS Server Vulnerability in WPAD Registration Vulnerability CVE-2009-0093 and WPAD WINS Server Registration Vulnerability CVE-2009-0094..."
- http://www.microsoft...n/MS09-008.mspx
- http://www.microsoft...ory/971888.mspx
- http://web.nvd.nist....d=CVE-2009-0093
- http://web.nvd.nist....d=CVE-2009-0094

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#136 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 06 July 2009 - 01:09 PM

FYI...

Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution
- http://www.microsoft...ory/972890.mspx
July 06, 2009 - "Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention. We are aware of attacks attempting to exploit the vulnerability.
Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure. Customers may prevent the Microsoft Video ActiveX Control from running in Internet Explorer, either manually using the instructions in the Workaround section or automatically using the solution found in Microsoft Knowledge Base Article 972890*..."
* http://support.micro...2890#FixItForMe
July 6, 2009 (Get the Enable Workaround "FixIt" here. MUST be run in Admin mode.)

- http://web.nvd.nist....d=CVE-2008-0015
Last revised: 07/09/2009
CVSS v2 Base Score: 9.3 (HIGH)
Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service ...

- http://securitylabs....Blogs/3434.aspx
07.09.2009

:ph34r:

Edited by apluswebmaster, 10 July 2009 - 02:25 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#137 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 July 2009 - 09:28 AM

FYI...

Microsoft Security Advisory (973472)
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
- http://www.microsoft...ory/973472.mspx
July 13, 2009 - "Microsoft is investigating a privately reported vulnerability in Microsoft Office Web Components. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention. We are aware of attacks attempting to exploit the vulnerability. Customers may prevent the Microsoft Office Web Components from running in Internet Explorer either manually, using the instructions in the Workaround section, or automatically, using the solution found in Microsoft Knowledge Base Article 973472*..."
* http://support.micro...3472#FixItForMe
July 13, 2009 - Revision: 1.2

- http://secunia.com/advisories/35800/2/
Release Date: 2009-07-13
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Solution: Set the kill-bit for the affected ActiveX control.
Provided and/or discovered by: Reported as a 0-day...

- http://isc.sans.org/...ml?storyid=6778
Last Updated: 2009-07-14 01:35:23 UTC ...(Version: 8) - "... This vulnerability exists in the ActiveX control used by IE to display Excel spreadsheets... we are seeing active exploit pages... Start working on this ASAP. The impact is remote code execution with the privileges of the logged in user running Internet Explorer, and might not require user intervention. As in browse to a nasty web site and be pwn3d..."

- http://web.nvd.nist....d=CVE-2009-1136

:ph34r:

Edited by apluswebmaster, 15 July 2009 - 01:31 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#138 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 15 July 2009 - 11:46 AM

FYI...

Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution
- http://www.microsoft...ory/972890.mspx
Published: July 06, 2009 | Updated: July 14, 2009 - "... We have issued MS09-032 to address this issue..."
- http://www.microsoft...n/ms09-032.mspx

Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
- http://www.microsoft...ory/971778.mspx
Published: May 28, 2009 | Updated: July 14, 2009 - "... We have issued MS09-028 to address this issue..."
- http://www.microsoft...n/ms09-028.mspx

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#139 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 28 July 2009 - 11:31 AM

FYI...

Microsoft Security Advisory (973882)
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
- http://www.microsoft...ory/973882.mspx
July 28, 2009 - "Microsoft is releasing this security advisory to provide information about our ongoing investigation into vulnerabilities in the public and private versions of Microsoft's Active Template Library (ATL). This advisory also provides guidance as to what developers can do to help ensure that the controls and components they have built are not vulnerable to the ATL issues; what IT Professionals and consumers can do to mitigate potential attacks that use the vulnerabilities; and what Microsoft is doing as part of its ongoing investigation into the issue described in this advisory. This security advisory will also provide a comprehensive listing of all Microsoft Security Bulletins and Security Updates related to the vulnerabilities in ATL. Microsoft's investigation into the private and public versions of ATL is ongoing, and we will release security updates and guidance as appropriate as part of the investigation process...
Updates related to ATL: Updates released on July 28, 2009...

Microsoft Security Bulletin MS09-034 - Critical
Cumulative Security Update for Internet Explorer (972260)
- http://www.microsoft...n/ms09-034.mspx
July 28, 2009

Microsoft Security Bulletin MS09-035 - Moderate
Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
- http://www.microsoft...n/ms09-035.mspx
July 28, 2009
___

- http://isc.sans.org/...ml?storyid=6874
Last Updated: 2009-07-28 17:19:30 UTC ...(Version: 2)

Edited by apluswebmaster, 28 July 2009 - 11:32 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#140 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 11 August 2009 - 04:55 PM

FYI...

Microsoft Security Advisory (973882)
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
- http://www.microsoft...ory/973882.mspx
Published: July 28, 2009 | Updated: August 11, 2009 - "...Updates related to ATL:
- Updates released on August 11, 2009
• MS09-037 - Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
http://www.microsoft...n/ms09-037.mspx
• MS09-035 - Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution
Published: July 28, 2009 | Updated: August 11, 2009
http://www.microsoft...n/ms09-035.mspx
- Updates released on July 28, 2009
• MS09-035 - Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution
• MS09-034 - Cumulative Security Update for Internet Explorer
http://www.microsoft...n/ms09-034.mspx
- Update released on July 14, 2009
• MS09-032 - Cumulative Security Update of ActiveX Kill Bits
http://www.microsoft...n/ms09-032.mspx
___

Microsoft Security Advisory (973811)
Extended Protection for Authentication
- http://www.microsoft...ory/973811.mspx
Published: August 11, 2009 - "Microsoft is announcing the availability of a new feature, Extended Protection for Authentication, on the Windows platform. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA). The update itself does not directly provide protection against specific attacks such as credential forwarding, but allows applications to opt-in to Extended Protection for Authentication. This advisory briefs developers and system administrators on this new functionality and how it can be deployed to help protect authentication credentials... Apply the updates associated with security bulletin MS09-042...
http://www.microsoft...n/ms09-042.mspx

Microsoft Security Advisory (973472)
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
- http://www.microsoft...ory/973472.mspx
Published: July 13, 2009 | Updated: August 11, 2009 - "... We have issued MS09-043* to address this issue..."
* http://www.microsoft...n/ms09-043.mspx

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#141 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 27 August 2009 - 03:55 PM

FYI...

Microsoft Security Advisory (973882)
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
- http://www.microsoft...ory/973882.mspx
• V3.0 (August 25, 2009): Advisory revised to provide details about the Windows Live Messenger* 14.0.8089 release and to communicate the removal of the Windows Live Hotmail "Attach Photo" feature.

* http://download.live.com/messenger

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#142 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 31 August 2009 - 02:35 PM

FYI...

Microsoft Security Advisory (967940)
Update for Windows Autorun
- http://www.microsoft...ory/967940.mspx
• V1.1 (August 25, 2009): Summary revised to notify users of an update to Autorun that restricts AutoPlay functionality to CD-ROM and DVD-ROM media, available for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 from Microsoft Knowledge Base Article 971029*.
* http://support.microsoft.com/kb/971029

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#143 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 01 September 2009 - 08:34 PM

FYI...

Microsoft Security Advisory (975191)
Vulnerability in Internet Information Services FTP Service Could Allow for Remote Code Execution
- http://www.microsoft...ory/975191.mspx
September 01, 2009 - "Microsoft is investigating new public reports of a vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, and Microsoft Internet Information Services (IIS) 6.0. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet. Microsoft is aware that detailed exploit code has been published on the Internet for this vulnerability. Microsoft is -not- currently aware of active attacks that use this exploit code or of customer impact at this time...
(See:)
Workarounds...
Additional Suggested Actions..."
* http://support.microsoft.com/kb/975191
September 2, 2009

> http://secunia.com/advisories/36443/2/
Release Date: 2009-09-01

- http://www.microsoft...ory/975191.mspx
"... Microsoft is currently aware of limited attacks that use this exploit code..."
Workarounds...
• Do not allow FTP write access to anonymous users...
• Do not allow FTP access to anonymous users...
• Modify NTFS file system permissions to disallow directory creation by FTP users...
• Upgrade to FTP Service 7.5 - FTP Service 7.5 is available for Windows Vista and Windows Server 2008. This version of FTP Service is not affected by the vulnerabilities in this advisory...
• Disable the FTP Service...
---
• V2.0 (September 3, 2009): Advisory revised to add CVE-2009-2521 and to provide more information on affected software, mitigations, and workarounds.

- http://web.nvd.nist....d=CVE-2009-3023
Last revised: 09/04/2009
CVSS v2 Base Score: 9.0 (HIGH)

- http://web.nvd.nist....d=CVE-2009-2521
Last revised: 09/04/2009

:ph34r:

Edited by apluswebmaster, 05 September 2009 - 05:16 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#144 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 08 September 2009 - 08:29 PM

FYI...

Microsoft Security Advisory (975497)
Vulnerabilities in SMB Could Allow Remote Code Execution
- http://www.microsoft...ory/975497.mspx
September 08, 2009 - "Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time... Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs...
Workarounds...
• Disable SMB v2... modify the registry key...
• Block TCP ports 139 and 445 at the firewall..."

- http://web.nvd.nist....d=CVE-2009-3103
Last revised: 09/09/2009

- http://www.symantec....d-possibly-more
September 15, 2009

:ph34r:

Edited by apluswebmaster, 15 September 2009 - 09:03 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#145 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 17 September 2009 - 04:07 PM

FYI...

Microsoft Security Advisory (975497)
Vulnerabilities in SMB Could Allow Remote Code Execution
- http://www.microsoft...ory/975497.mspx
Updated: September 17, 2009 - "...Workarounds:
• Disable SMB v2... See Microsoft Knowledge Base Article 975497* to use the automated Microsoft Fix it solution to enable or disable this workaround...
* http://support.microsoft.com/kb/975497

• V1.1 (September 17, 2009): Clarified the FAQ, What is SMBv2? Added a link to Microsoft Knowledge Base Article 975497 to provide an automated Microsoft Fix it solution* for the workaround, Disable SMB v2...

- http://blogs.technet...nerability.aspx
September 18, 2009

:ph34r:

Edited by apluswebmaster, 20 September 2009 - 10:18 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#146 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 23 September 2009 - 03:42 PM

FYI...

Microsoft Security Advisory (975497)
Vulnerabilities in SMB Could Allow Remote Code Execution
- http://www.microsoft...ory/975497.mspx
• V1.2 (September 23, 2009): Clarified the FAQ, What is Server Message Block Version 2 (SMBv2)? Also clarified the impact of the workaround, Disable SMB v2.
(See: "Workarounds... Impact of Workaround...")
"... Some of the applications or services that could be impacted are listed..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#147 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 09 October 2009 - 03:22 AM

FYI...

October 2009 Bulletin Release Advance Notification
- http://blogs.technet...in-release.aspx
October 08, 2009 - "... Among the updates this month, we are closing out two current security advisories:
Vulnerabilities in SMB Could Allow Remote Code Execution (975497)
http://www.microsoft...ory/975497.mspx
Vulnerabilities in the FTP Service in Internet Information Services (975191)
http://www.microsoft...ory/975191.mspx
Usually we do not go into this level of detail in the advance notification but we felt that it is important guidance so customers can plan accordingly and deploy these updates as soon as possible..."

- http://www.spywarein...howtopic=126070

.

Edited by apluswebmaster, 15 October 2009 - 08:05 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#148 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 15 October 2009 - 08:09 PM

FYI...

Microsoft Security Advisory (973882)
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
- http://www.microsoft...ory/973882.mspx
• V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, "Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution."
- http://www.microsoft...n/ms09-060.mspx

Microsoft Security Advisory (975191)
Vulnerabilities in the FTP Service in Internet Information Services
- http://www.microsoft...ory/975191.mspx
• V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin (MS09-053).
- http://www.microsoft...n/ms09-053.mspx

Microsoft Security Advisory (975497)
Vulnerabilities in SMB Could Allow Remote Code Execution
- http://www.microsoft...ory/975497.mspx
• V2.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin (MS09-050).
- http://www.microsoft...n/ms09-050.mspx

Microsoft Security Advisory (973811)
Extended Protection for Authentication
- http://www.microsoft...ory/973811.mspx
Updated: October 14, 2009 - "... Microsoft Security Bulletin MS09-054 contains a defense-in-depth, non-security update that enables WinINET to opt in to Extended Protection for Authentication.
• V1.1 (October 14, 2009): Updated the FAQ with information about a non-security update included in MS09-054* relating to WinINET.
* http://www.microsoft...n/ms09-054.mspx

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#149 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 November 2009 - 08:42 PM

FYI...

Microsoft Security Advisory (977544)
Vulnerability in SMB Could Allow Denial of Service
- http://www.microsoft...ory/977544.mspx
November 13, 2009 - "Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol. This vulnerability cannot be used to take control of or install malicious software on a user’s system. However, Microsoft is aware that detailed exploit code has been published for the vulnerability. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary... Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities..."

- http://isc.sans.org/...ml?storyid=7597
Last Updated: 2009-11-14 02:36:34 UTC - "... Assuming that you block TCP ports 139 and 445 the only impact would be an internal attacker could disable affected systems until restarted. In the grand scheme of things this would not be a critical issue unless all of a sudden your servers had to be rebooted on a regular basis, in that case you may have bigger problems because the fox would already be in the henhouse. The list of affected systems is: Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems (includig Server Core), and Windows Server 2008 R2 for Itanium-based Systems..."

:ph34r:

Edited by apluswebmaster, 13 November 2009 - 08:45 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#150 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 24 November 2009 - 07:37 AM

FYI...

Microsoft Security Advisory (977981)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://www.microsoft...ory/977981.mspx
November 23, 2009 - "... Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 are affected. The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code. At this time, we are aware of no attacks attempting to use this vulnerability against Internet Explorer 6 Service Pack 1 and Internet Explorer 7. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers...
Mitigating Factors:
• Internet Explorer 8 is -not- affected.
• Protected Mode in Internet Explorer 7 in Windows Vista limits the impact of the vulnerability.
• By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.
• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
• By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario..."
(Also see: Workarounds)

- http://www.spywarein...ndpost&p=707618
Updated: November 25, 2009

:ph34r:

Edited by apluswebmaster, 26 November 2009 - 11:20 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button