Microsoft resolves four critical vulnerabilities in Internet Explorer
As we reported on December 7, Microsoft has issued seven security updates and security bulletins to resolve a total of 11 vulnerabilities. One cumulative update (MS07-069) serves to resolve four vulnerabilities that Microsoft considers critical in Internet Explorer versions 5.01, 6 and 7, since they could allow remote code execution on a Windows PC if a user views a specially crafted web page using Internet Explorer. Criminals often exploit such bugs to distribute their malicious software using drive-by downloading in order to set up bot networks. Just last week, a Microsoft employee emphasized in a sharply criticized study that Internet Explorer contained fewer critical vulnerabilities that needed to be resolved than Firefox.
Opening multimedia content can also be hazardous. Update MS07-064 resolves two vulnerabilities in DirectShow: one in the parsing of AVI and WAV files and one in the parsing of SAMI (Synchronized Accessible Media Interchange) files. Both vulnerabilities could cause the computer to become infected. The vulnerability in Windows Media Format Runtime resolved in Bulletin MS07-068 could also allow remote code execution when specially crafted files are opened; such files are handled by other media players in addition to Windows Media Player.
In addition, MS07-063 resolves a vulnerability in Server Message Block Version 2 (SMBv2) that could allow an attacker to tamper with data transferred via SMBv2 and allow remote code execution in domain configurations communicating with SMBv2. However, according to the bulletin, the vulnerability only affects the Vista operating system, so Microsoft has only rated this update as important. The same is true for the vulnerability in Message Queuing Service (MSMQ) (as reported in MS07-065), which only affects Microsoft Windows 2000 Server, Microsoft Windows 2000 Professional, and Windows XP SP2. The vulnerability could allow an attacker to elevate his or her privileges on the system if the attacker already has valid logon credentials. The attacker could even execute malicious code using system admin rights on Windows 2000 servers.
The update in MS07-066 makes it no longer possible to exploit a vulnerability in the Windows kernel in Vista and take complete control of the system. According to the bulletin, the problem is based on the handling of certain access requests in Advanced Local Procedure Calls (ALPC). Last but not least, Microsoft has issued MS07-067 to resolve a vulnerability in the Macrovision SECDRV.SYS driver that comes with Windows XP and Server 2003. Macrovision issued the new driver several weeks ago. An attacker who has logged onto the system with limited privileges could exploit this vulnerability to elevate his or her privileges and take complete control of the system.
As in previous months, Microsoft has also released an updated version of its Malicious Software Removal Tool (MSRT), which checks computers for infections by specific, prevalent malicious software and helps remove any infection found. All of the updates and the MSRT are being distributed via Automatic Updates or can be installed via Windows Update.