Microsoft releases four critical patch updates

By Bill Brenner, Senior News Writer 10 Apr 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

One security expert described two of the flaws as "very wormable" because they are server-side glitches attackers can exploit remotely without the user getting involved.

The new patches arrive as IT administrators continue to test and install the fix released last week in MS07-017, which addressed a widely-attacked flaw in the way Windows handles animated cursor (.ani) files.

Four critical updates
Microsoft described the critical flaws addressed Tuesday as those an attacker could exploit to take complete control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.

Windows ANI flaw: Windows ANI patch problems reported: Some IT administrators are having trouble installing the Windows ANI patch. Meanwhile, the researcher who discovered the flaw said Firefox is also vulnerable. Microsoft releases patch for Windows ANI flaw: Security companies are seeing massive attacks against the Windows ANI zero-day flaw, prompting Microsoft to rush out a fix a week before Patch Tuesday. Microsoft warns of Windows zero-day; third-party fix released: Attackers are exploiting a new zero-day flaw in Windows, Microsoft confirmed Thursday. eEye Digital Security has released a temporary patch.

MS07-018 fixes flaws in Microsoft Content Management Server 2001 Service Pack 1 and 2002 Service Pack 2. One problem is in how the server handles a specially crafted HTTP request. It is also prone to a cross-site scripting and spoofing vulnerability. If a malicious script is run, attackers could execute malicious code in the security context of the user. Microsoft did note that attempts to exploit this flaw require user interaction.

MS07-019 fixes a flaw in how the Windows Universal Plug and Play service handles specially crafted HTTP requests. The problem affects Windows XP Service Pack 2, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2.

Eric Schultze, chief security architect at Shavlik Technologies LLC, in Roseville, Minn., said the flaws in MS07-018 and MS07-019 are the most wormable holes he has seen in some time.

"Both are server-side attacks that could be remotely exploited over the Internet without the user doing anything," he said. "Every XP box on the planet is vulnerable to the Plug and Play flaw. Attackers will be very excited about these."

MS07-020 fixes a glitch in how the Microsoft Agent handles certain specially crafted URLs. This affects Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003, Windows Server 2003 Service Pack 1, Server 2003 Service Pack 2, Windows Server 2003 x64 Edition with Service Pack 1;Windows Server 2003 x64 Edition with Service Pack 2, Windows Server 2003 for Itanium-based Systems, Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems.

MS07-021 fixes flaws in how the Windows Client/Server Run-time Subsystem (CSRSS) handles error messages and connections during the startup and stopping of processes. The problems affect all versions of Windows, including Vista.

Important update
The software giant released an update rated important this month. MS07-022 fixes a privilege elevation vulnerability in the Windows Kernel due to incorrect permissions on a mapped memory segment. The flaw affects Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003, Windows Server 2003 Service Pack 1, and Microsoft 2003 Service Pack 2.

Schultze expects exploit code for all five issues to flood the Internet over the next few weeks. But MS07-018 and MS07-019 are the ones IT administrators should install first.

"I would patch the first two right away," he said. "If you have an XP system and the firewall isn't turned on, it may no longer be your XP system."

Tags: Windows Security: Alerts, Updates and Best Practices,  Security Patch Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Security: Alerts, Updates and Best Practices Microsoft to address flaws in Windows, Office for Mac Microsoft fixes security update that breaks Internet Explorer What is the best database patch management process? Microsoft addresses critical SMBv2 flaw, fixes record number of flaws Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities Microsoft releases temporary fix for SMB2 zero-day vulnerability Microsoft issues SMB vulnerability advisory, patch pending Attackers target Microsoft IIS; new SMB flaw discovered Microsoft repairs Windows media, TCP/IP vulnerabilities Microsoft five critical updates won't include IIS Security Patch Management Squad: Tokenization, Phishing and the Feds Should management processes change based on a patch release schedule? Should Windows Mobile updates come from Microsoft? Adobe updates ColdFusion, JRun, Flex Trusteer CEO criticizes Adobe, touts better patch deployments Patch management study shows IT taking significant risks Vulnerability mitigation study shows need for faster patching Microsoft to issue security report card, new tool at Black Hat How to manage patches for Adobe When is it suitable to remove Java updates?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary BotHunter  (SearchSecurity.com) principle of least privilege (POLP)  (SearchSecurity.com) security identifier  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary