Microsoft Patch Tuesday details

MS08-030
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
Performing a large number of SDP requests could allow for code execution.

MS08-031
Cumulative Security Update for Internet Explorer (950759)
Vulnerabilities in MSIE allow code execution and cross domain information leaks.
Should be patched immediately as details on exploiting are publically available.
Rated:Critical
Replaces MS08-024.

MS08-032
Cumulative Security Update of ActiveX Kill Bits (950760)
A vulnerability in the Speech API could allows for remote execution in the context of the user viewing a specially crafted webpage. Speech recognition must be enabled.
Rated: Moderate
Replaces MS08-023.

MS08-033
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
Input validation vulnerabilities may allow code execution via DirectX.
Rated: Critical
Replaces MS07-064.

MS08-034
Vulnerability in WINS Could Allow Elevation of Privilege (948745)
A privilege escalation vulnerability in WINS could allows an attacker to compromise a vulnerable system.
Rated: Important
Replaces MS04-045.

MS08-035
Vulnerability in Active Directory Could Allow Denial of Service (953235)
Input validation failure in the LDAP can lead to a Denial of Service.
Rated: Important
Replaces MS08-003.

MS08-036
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
Input validation vulnerabilities in PGM packets can be leveraged to cause a Denial of Service.

Rated:Important

Replaces MS06-052.

Windows Advance Notification for June

Tomorrow Microsoft will be releasing updates for their monthly patch cycle. It looks like there will be 3 critical rated vulnerabilities. One of which is in the bluetooth service. This one is interesting as it’s listed as being remotely exploitable. Assuming that it’s exploitable over the bluetooth interface, this one could be very interesting. Watch for exploits for this vulnerabilities showing up in every attackers repitoire if it’s viable.

Microsoft Security Bulletin Summary for April 2008

Microsoft released a total of 5 Critical and 3 Important security bulletins for the month of April. The breakdown is as follows:

MS08-018 – Critical – Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)

Undisclosed vulnerabilities in Microsoft Office Project. These could allow an attacker to use a specially crafted Project file to take complete control of the affected system.

Affected software:
Microsoft Project 2000 Service Release 1 (KB949043)
Microsoft Project 2002 Service Pack 1 (KB949005)
Microsoft Project 2003 Service Pack 2 (KB948962)

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-018.mspx

MS08-021 – Critical – Vulnerabilities in GDI Could Allow Remote Code Execution (948590)

Undisclosed vulnerabilities in GDI. These could allow an attacker to use a specially      crafted EMF or WMF image files to take complete control of the affected system.

Affected Software
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium based Systems
(Note that for the above platforms MS08-021 replaces MS07-046)
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx

MS08-022 – Critical – Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)

Undisclosed vulnerabilities in the VBScript and JScript scripting engines. These could allow an attacker to take complete control of the affected system.

Affected Software
VBScript 5.1 and JScript 5.1 on Microsoft Windows 2000 Service Pack 4
VBScript 5.6 and JScript 5.6 on Microsoft Windows 2000 Service Pack 4
VBScript 5.6 and JScript 5.6 on Windows XP Service Pack 2
VBScript 5.6 and JScript 5.6 on Windows XP Professional x64 Edition and Windows XP     Professional x64 Edition Service Pack 2
VBScript 5.6 and JScript 5.6 on Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
VBScript 5.6 and JScript 5.6 on Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
VBScript 5.6 and JScript 5.6 on Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium based Systems
(Note that for the above platforms MS08-022 replaces MS06-023)

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-022.mspx

MS08-023 – Critical – Security Update of ActiveX Kill Bits (948881)

An undisclosed vulnerability for ActiveX components. The vulnerability could allow an attacker to use a specially crafted Web page as a vector for remote code execution. The
severity of any compromise may depend upon the level of administrative rights of the user account.

Affected Software:
Microsoft Windows 2000 Service Pack 4 with Internet Explorer 5.01 Service Pack 4
Microsoft Windows 2000 Service Pack 4 with Internet Explorer 6 Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-023.mspx

MS08-024 – Critical – Cumulative Security Update for Internet Explorer (947864)

This security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Windows 2000 Service Pack 4
with Internet Explorer 5.01 Service Pack 4
or Internet Explorer 6 Service Pack 1

Windows XP Service Pack 2
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
with Internet Explorer 6

Windows XP Service Pack 2
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems
with Internet Explorer 7

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

MS08-020 – Important – Vulnerability in DNS Client Could Allow Spoofing (945553)

An undisclosed vulnerability that could allow an attacker to spoof or redirect Internet traffic on affected systems.

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx

MS08-025 – Important –Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

An undisclosed vulnerability in the Windows kernel. Can allow a local attacker to take complete control of an affected system.

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-025.mspx

MS08-019 – Important –Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)

Undisclosed vulnerabilities in Microsoft Office Visio. These could allow an attacker to use specially crafted Visio files to perform remote code execution or take complete control of an affected system.

For full details see the original advisory at:
http://www.microsoft.com/technet/security/bulletin/ms08-019.mspx

Microsoft Patch Tuesday Information

MS08-001

Addresses vulnerabilities in the TCP/IP stack that could lead to the execution of arbitrary code or Denial of Service conditions. It is rated Critical. This bulletin replaces MS06-032. The Microsoft security bulletin can be found at:http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx

MS08-002

Addresses vulnerabilities in input validation errors in Local Security Authority Subsystem Service (LSASS) that could lead to execution of code or privilege escalation. The Microsoft security bulletin can be found at: http://www.microsoft.com/technet/security/Bulletin/MS08-002.mspx