8 Critical Flaws Patched by Microsoft
Microsoft has released its super-sized Patch Tuesday, heavy on "critical" patches, with eight rated as such. Four other patches rounded out the list of updates, with three patches rated "important" and one rated "moderate."
Of the eight most serious fixes, two affect Internet Explorer, one for JScript within Internet Explorer, one in Windows Media Player, two in Windows, one in Word, and another in PowerPoint.
The patch for Word fixes a highly-publicized zero-day exploit that has already been used in several cyber attacks. The vulnerability can be exploited after a user opens a specially crafted Word file with a malformed object pointer, allowing for code execution.
Another is a cumulative patch for Internet Explorer, which fixes five code execution vulnerabilities, a spoofing flaw, and an issue that could pose both an information disclosure or spoofing risk.
Included in the cumulative patch is an update that changes the way Internet Explorer handles ActiveX controls.
The modification was initially made back in March in response to a patent infringement case that Microsoft involved in with Eolas. However, Microsoft offered a reprieve to developers by delaying the forced change for two months in order to allow them to change their applications.
Two other patches resolve Internet Explorer issues. One fixes a remote code execution risk in AOL ART binary support that shipped with Windows and Internet Explorer. A specially crafted ART file could be used to take complete control of an affected system, Microsoft warns.
A memory corruption issue with JScript that could be exploited through specially crafted code within an e-mail or on a malicious Web site has also been remedied.
Remote code execution flaws in Windows Media Player, PowerPoint, the Graphics Rendering Engine and Window's Routing and Remote Access service rounds out the rest of the critical patches. Media Player's problems revolve around the handling of PNG files. PowerPoint's patch fixes a flaw related to malformed records within PPT files.
The vulnerability within the Graphics Rendering Engine is due to issues with Windows Metafile, however it only affects Windows 98 and ME systems, according to the advisory. The vulnerability in Routing and Remote Access involves separate memory and registry corruption vulnerabilities.
In all cases, an attacker could take complete control of an affected system.
Of the "important" updates, one affects Exchange Server and two others for Windows. Users running Outlook Web Access are at risk for remote code execution from specially crafted scripts within malicious e-mail messages. However, the e-mail needs to be opened in order for the exploit to occur.
An elevation of privilege and invalid handle vulnerabilities have been fixed in an update to Windows Server Message Block application, and flaws in the TCP/IP protocol driver have also been repaired.
Finally, a problem in RPC Mutual Authentication that posed a spoofing risk has been fixed. The patch was only rated "moderate" as the user would need to connect to a malicious RPC Server, and Windows 2000 Service Pack 4 is the only affected operating system version.
This Patch Tuesday was Microsoft's largest since February of last year and second largest overall. At TechEd 2006 in Boston this week, the company has pledged to make Windows Vista more secure, and has implemented new programs to catch issues before software is publicly released.