nCircle.com >> 360 Security >> VERT

« Iterative Scanning | Main | Why ZDI Benefits Everybody. »

April Patch Tuesday, Take 2

In the end, it's not an overly big release for Microsoft. Even though they spanned two Tuesdays, there were only 6 patches released. Bringing us to a total of 22 patches, 4 months into the year.

This month looks a little more exciting that most. I'm sure by now, many people have seen either the pre-release notice (or the re-posting on 100s of blogs) or the advisories themselves but let's take a quick look at them anyways.

MS07-018 - 2 Vulnerabilities in Microsoft Content Management Server.


  • CMS Memory Corruption Vulnerability

  • CMS Cross-Site Scripting and Spoofing Vulnerability

While the XSS is only of Important risk, the memory corruption could lead to remote code execution, garnering it the Critical rating.


MS07-019 - Memory Corruption in UPnP.

This again can lead to remote code execution, so once again we're rated at Critical.

MS07-020 - Microsoft Agent URL Parsing.

This exploit requires user interaction... a user would have to purposely visit a website in order for the vulnerability to be exploited. The Critical rating has been assigned to this under 2K and XP, although due to IE running in restricted mode on 2K3, the risk has been rated as Moderate

Interestingly enough, IE7 is one of the mitigation methods for this vulnerability. So if you're running IE7 you won't be affected.


MS07-021 - 3 Vulnerabilities in Windows Client/Server Run-time Subsystem (CSRSS).


  • MsgBox (CSRSS) Remote Code Execution Vulnerability (Critical)

  • CSRSS Local Elevation of Privilege Vulnerability (Important [Vista Only])

  • CSRSS DoS Vulnerability (Moderate [Server Operating Systems] | Low [User Operating Systems])

This one is a little more interesting as Vista is affected by all three of these, the privilege escalation vulnerability is actually unique to Vista.


MS07-022 - Privilege Escalation in Windows Kernel.

Nothing interesting here, an Important rating across the board and Vista isn't affected.

That's about it, in the end we've got eight vulnerabilities with ratings ranging from Low to Critical. We've three vulnerabilities affecting Vista, two remote code execution vulnerabilities, two vulnerabilities requiring social engineering, and two vulnerabilities that lead to privilege escalation.

I'm actually quite surprised that we're seeing a DoS patched in MS07-021. It seems to go against Microsofts new "policy" of not patching Denial of Service vulnerabilities. At least I thought that was their policy, given the number of public Denial of Services that they are not patching. I'm guessing it was a freebie that they got while fixing the other two CSRSS vulns.

Posted by Tyler Reguly on April 10, 2007 11:37 AM |

TrackBack

TrackBack URL for this entry:
http://blog.ncircle.com/cgi-bin/mt-tb.cgi/199

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Verification (needed to reduce spam):

Search


About

This page contains a single entry from the blog posted on April 10, 2007 11:37 AM.

The previous post in this blog was Iterative Scanning.

The next post in this blog is Why ZDI Benefits Everybody..

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]