
Bardissi Enterprises Blog


LiveSecurity | Urgent: Half-Dozen Security Flaws in Windows; Two Critical

Severity: High

10 June, 2008

Summary:

  • These vulnerabilities affect: All current versions of Windows
  • How an attacker exploits them: Multiple vectors of attack, including sending specially crafted packets or enticing your users into downloading and playing media files
  • Impact: Various results; in the worst case, attacker can gain complete control of your Windows computer
  • What to do: Install the appropriate Microsoft patches immediately

Exposure:

Today, Microsoft released six security bulletins describing vulnerabilities that affect Windows and components shipping with it. Each vulnerability affects different versions of Windows to a different extent. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PCs. The summary below lists the vulnerabilities in order from highest to lowest severity.

MS08-033: Two DirectX Remote Code Execution Vulnerabilities

DirectX is a collection of application programming interfaces (APIs) which ships with all versions of Windows; coders use it to create multimedia content. According to Microsoft, DirectX suffers from two security vulnerabilities involving the way it handles certain media content. Though they differ technically, both vulnerabilities share the same general characteristics: by luring one of your users into downloading and opening a maliciously crafted multimedia file, an attacker can exploit either of these vulnerabilities to execute code on that user’s computer, inheriting that user’s privileges. Typically, Windows users have local administrative privileges, in which case the attacker could gain complete control of the victim’s computer. The primary difference between these flaws involves which multimedia file the attacker can use to exploit them. The potentially dangerous files include Synchronized Accessible Media Interchange files (.sami) and MJPEG video files (.asf, .avi).
Microsoft rating: Critical.

MS08-030: Bluetooth Stack Code Execution Vulnerability

Windows ships with its own Bluetooth stack to support the Bluetooth wireless connectivity standard. According to Microsoft’s bulletin, the Windows Bluetooth stack suffers from a remote code execution vulnerability due to its inability to handle a large number of service description requests correctly. By sending a large number of such requests to one of your users, an attacker could exploit this flaw to execute code on that user’s computer, with that user’s privileges. If your users have local administrative privileges, an attacker could then leverage this vulnerability to gain complete control of their PCs. (Of course, only Windows devices that have Bluetooth suffer from this vulnerability.)
Microsoft rating: Critical.

MS08-034: WINS Elevation of Privilege Vulnerability

Windows Internet Name Service (WINS) is a Windows service that translates NetBIOS names into addresses on a TCP/IP network. WINS suffers from an elevation of privilege vulnerability in which it is unable to correctly validate the data structures within specially crafted WINS network packets. By sending specially crafted packets to one of your Windows computers, an attacker could exploit this vulnerability to execute code on that computer with full system privileges. In other words, the attacker would gain complete control of that machine.
Microsoft rating: Important.

MS08-035: Active Directory Denial of Service Vulnerability

Active Directory is the Windows component that provides central authentication and authorization services for Windows computers. Active Directory runs on Windows servers, but it is also found on Windows clients as the Active Directory Application Mode (ADAM) service. Microsoft’s security bulletin warns of an unspecified Denial of Service (DoS) vulnerability involving the way Active Directory handles specially crafted LDAP packets. By sending a malicious LDAP request, a remote attacker could exploit this vulnerability to cause your Windows computer to lock up or to reboot. The attacker could repeatedly exploit this vulnerability to keep your Windows machines offline for as long as he could sustain this attack. However, most administrators don’t allow LDAP traffic (TCP ports 389 and 3268) through their perimeter firewall; therefore, this vulnerability primarily poses an internal threat. This vulnerability is nearly identical to MS08-003, which we reported in our February Windows alert, except that the new flaw affects Windows Server 2008 as well.
Microsoft rating: Important.
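
An added example (not part of the original alert and not WatchGuard or Microsoft tooling): a check of the assumption that LDAP on TCP 389 and 3268 is not allowed through the perimeter, run over a constructed flow log. The log format, the 10.0.0.0/8 internal range and every address in the sample are assumptions for illustration.

```python
import csv
import io
import ipaddress
from collections import Counter

LDAP_TCP_PORTS = {389, 3268}  # the TCP ports named in the MS08-035 write-up
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumption: your LAN range

# Constructed sample flow log (not real traffic): time,src,dst,proto,dport,action
SAMPLE_LOG = """\
2008-06-10T09:00:01,10.0.5.21,10.0.1.10,tcp,389,allow
2008-06-10T09:00:02,203.0.113.7,10.0.1.10,tcp,389,allow
2008-06-10T09:00:03,198.51.100.9,10.0.1.10,tcp,3268,deny
2008-06-10T09:00:04,10.0.5.21,10.0.1.10,tcp,445,allow
2008-06-10T09:00:05,10.0.9.77,10.0.1.10,tcp,3268,allow
2008-06-10T09:00:06,10.0.9.77,10.0.1.10,tcp,389,allow
2008-06-10T09:00:07,203.0.113.7,10.0.1.11,udp,389,allow
"""

def is_internal(ip):
    return any(ip in net for net in INTERNAL_NETS)

def audit_ldap_flows(log_text):
    """Return (perimeter_gaps, internal_talkers) for allowed LDAP flows to internal hosts."""
    perimeter_gaps = []           # external source was allowed to reach internal LDAP
    internal_talkers = Counter()  # internal sources, for review against expected clients
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue  # skip blank or malformed lines
        ts, src, dst, proto, dport, action = (f.strip() for f in row)
        if proto.lower() != "tcp" or not dport.isdigit():
            continue  # the alert names TCP ports only
        if int(dport) not in LDAP_TCP_PORTS or action.lower() != "allow":
            continue
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            continue  # unparseable address field
        if not is_internal(dst_ip):
            continue  # outbound flow, not an exposure of your servers
        if is_internal(src_ip):
            internal_talkers[src] += 1
        else:
            perimeter_gaps.append((ts, src, dst, int(dport)))
    return perimeter_gaps, internal_talkers

if __name__ == "__main__":
    gaps, talkers = audit_ldap_flows(SAMPLE_LOG)
    for ts, src, dst, port in gaps:
        print(f"PERIMETER GAP {ts} {src} -> {dst}:{port}")
    for src, n in talkers.most_common():
        print(f"internal LDAP source {src}: {n} allowed flows")
```

Any perimeter gap means the flaw is reachable from outside until the patch is applied; the internal source counts are the list to compare against the hosts you expect to query the directory.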

MS08-036: Pragmatic General Multicast (PGM) Denial of Service Vulnerabilities

According to Microsoft, Pragmatic General Multicast (PGM) is a reliable and scalable multicast protocol. According to a Wikipedia article, though, PGM is an IETF experimental protocol and is not yet a standard. Microsoft’s bulletin describes two DoS vulnerabilities in Microsoft’s implementation of PGM. By sending specially crafted PGM packets, a remote attacker could exploit either of these vulnerabilities to cause your Windows computer to lock up or reboot. The attacker could repeatedly exploit either vulnerability to keep your Windows machines offline for as long as he could sustain this attack. By default, however, PGM is not enabled on many Windows computers.
Microsoft rating: Important.

MS08-032: Speech Recognition Code Execution Vulnerability

Windows ships with a Speech Recognition component which allows you to issue voice commands to your Windows computer through a microphone. Researchers have pointed out that by enticing a user into playing back an audio file, an attacker could exploit the Speech Recognition feature to execute commands on that user’s computer, with that user’s privileges. Since you can embed audio into web pages, attackers could exploit this flaw simply by luring one of your users to a malicious web site. However, many mitigating factors greatly limit the severity of this flaw; one is that Speech Recognition is not enabled by default in Windows.
Microsoft rating: Moderate.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately.

Note: Microsoft no longer officially supports Windows NT 4.0, 98, ME or XP with SP1. If you manage any of these operating systems, Microsoft suggests you migrate to supported versions in order to prevent potential exposure to vulnerabilities. You can learn more about Microsoft’s extended security update support at its Product Support Services Web site.

MS08-033:

 

MS08-030:

Doesn’t affect Windows 2000, Server 2003, or Server 2008

MS08-034:

Doesn’t affect the non-server versions of Windows, or Server 2008

MS08-035:

MS08-036:

Doesn’t affect Windows 2000

MS08-032:

For All WatchGuard Users:

WatchGuard Fireboxes, by default, reduce the risks presented by some of these vulnerabilities. However, attackers could exploit many of them locally, without passing traffic through your firewall. For that reason, we urge you to apply the patches above.

Status:

Microsoft has released patches correcting these issues.
