Two Microsoft holes more complicated than deadly

Experts describe a WordPerfect converter fix as straightforward, but a critical buffer-overrun vulnerability involving .jpg images will require more work for administrators to clean up.

Patches for two newly discovered vulnerabilities in Microsoft products go a long way toward fixing the problem, but many users may still have work to do to ensure that their systems are completely safe, experts say.

The flaws, one of them critical, could allow an attacker to launch malicious code, change or delete data, or create accounts with administrative privileges.

Microsoft released the two patches Tuesday. MS04-028 fixes a "critical" buffer-overrun vulnerability in the processing of .jpg image formats that could allow remote code execution on an affected system.

MS04-027 is rated "important" and affects various Microsoft Office products. The patch fixes a remote code execution vulnerability in the WordPerfect 5.x converter that is provided as part of the software.

Far-reaching implications

Eric Schultze, chief security architect with Shavlik Technologies LLC, in Roseville, Minn., said he doesn't expect either of the flaws to ultimately cause mass pandemonium. But, he

For more information

Read more about the two latest bulletins from Microsoft

 

Browse a list of Best Web Links on patch management
explained, cleaning up the problem with the way certain products read .jpg files could take years.

"There is a flaw in the way that things are displayed such that I can send you an evil picture," Schultze said. "The problem is that the particular flawed component ships in several third-party products."

Joe Burkley, director of patch development with PatchLink Corp. in Scottsdale, Ariz., added that while the automatic updates offered by Microsoft fix the .jpg flaw in its Windows operating system and Office products, several lesser known Microsoft applications may still be affected.

"There are still a number of Microsoft applications which will remain vulnerable, and [Microsoft] recommends doing a manual update [for those]", Burkley said.

WordPerfect converter fix

Experts said the flaw in Microsoft's WordPerfect converter coding is a much more straightforward fix. Patches for the problem cover Microsoft Office 2000, Windows XP and Office 2003.

Schultze pointed out that this is the second fix issued for the WordPerfect converter in recent memory. Last fall, Microsoft released a fix for a similar flaw that could lead to buffer overruns.

Schultze speculated that the latest vulnerability may have been initially exploited by hackers who started looking more closely at the WordPerfect converter after the earlier fix was released.

Regardless of how the vulnerability was discovered, Schultze added, it should serve as an important reminder.

"Don't open attachments or documents from people you don't know," Schulze said. "Secondly, apply the patch. That way if you do happen to open this document, it's not going to hack you."

Note: This article originally appeared on SearchWindowsSecurity.com.

Dig deeper on Security patch management and Windows Patch Tuesday news

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close