Microsoft's Valentine: Patch Tuesday
It was no love and all business for Microsoft on Tuesday, as the company released seven updates for its products. These included fixes for two critical flaws in Internet Explorer and Windows Media Player, and five important updates addressing issues in Windows and Microsoft Office.
A critical vulnerability that existed in the Graphics Rendering Engine of Internet Explorer was one of those patched. A specially crafted Windows Metafile image could be generated to allow for remote code execution and potentially open the door for an attacker to take complete control of an affected system.
Microsoft said the problem is a separate issue from WMF vulnerabilities previously disclosed by the company, adding that the flaw could only be exploited within Windows 2000 Service Pack 4. It also stressed that a user would need to visit a malicious Web site, open or preview an e-mail message, or open a specially crafted attachment.
The second critical flaw addressed Tuesday deals with the way Windows Media Player processes bitmap files. Attackers could exploit the vulnerability by creating a malicious .bmp file that could then execute code to allow an attacker to take control of the system.
However, as with the new WMF flaw, significant user interaction is required in order for the vulnerability to be exploited. However, the scope of this flaw is much wider, and affects Windows Media Player 10 for XP and WMP 9 for Windows 98 and later operating systems.
Also addressed was a less severe flaw in the way the Windows Media Player plug-in is handled by non-Microsoft browsers, which could allow for remote code execution.
"A remote code execution vulnerability exists in the Windows Media Player plug-in for non-Microsoft Internet browsers because of the way the Windows Media Player plug-in handles a malformed EMBED element," the company said in an advisory.
Other "important" flaws patched involved two within Windows, one in TCP/IP that could allow for a denial of service attack, another within the Windows Web Client Service that could allow for remote code execution, and also a flaw in the Korean Input Method Editor that could allow for elevation of privilege, however the attacker would need to log in to the affected system.
Finally, Microsoft addressed an issue within PowerPoint 2000 that could potentially disclose sensitive information about the user.
"An attacker who successfully exploited this vulnerability could remotely attempt to access objects in the Temporary Internet Files Folder (TIFF) explicitly by name," the company said in its advisory.
While this information would not allow for malicious activity, data discovered by the attacker in these files could be use to further compromise an affected system, Microsoft warned.