Si informano gli utenti che utilizzano sistemi operativi Microsoft che
sono stati rilasciati degli aggiornamenti critici di sicurezza. Per
tanto si raccomanda di provvedere, se non ancora fatto,
all`aggiornamento delle proprie macchine.
Domenica Quartarella
Servizio Calcolo
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Technical Cyber Security Alert TA05-284A
Microsoft Windows, Internet Explorer, and Exchange Server
Vulnerabilities
Original release date: October 11, 2005
Last revised: —
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Exchange Server
For more complete information, refer to the Microsoft Security
Bulletin Summary for October 2005.
Overview
Microsoft has released updates that address critical vulnerabilities
in Windows, Internet Explorer, and Exchange Server. Exploitation of
these vulnerabilities could allow a remote, unauthenticated attacker
to execute arbitrary code or cause a denial of service on an affected
system.
I. Description
Microsoft Security Bulletins for October 2005 address vulnerabilities
in Windows and Internet Explorer. Further information is available in
the following US-CERT Vulnerability Notes:
VU#214572 – Microsoft Plug and Play fails to properly validate user
supplied data
Microsoft Plug and Play contains a flaw in the handling of message
buffers that may result in local or remote arbitrary code execution or
denial-of-service conditions.
(CAN-2005-2120)
VU#883460 – Microsoft Collaboration Data Objects buffer overflow
A buffer overflow in Microsoft Collaboration Data Objects may allow a
remote, unauthenticated attacker to execute arbitrary code on a
vulnerable system.
(CAN-2005-1987)
VU#922708 – Microsoft Windows Shell fails to handle shortcut files
properly
Microsoft Windows Shell does not properly handle some shortcut files
and may permit arbitrary code execution when a specially-crafted file
is opened.
(CAN-2005-2122)
VU#995220 – Microsoft DirectShow buffer overflow
A buffer overflow in Microsoft DirectShow may allow a remote,
unauthenticated attacker to execute arbitrary code on a vulnerable
system.
(CAN-2005-2128)
VU#180868 – Microsoft Distributed Transaction Coordinator vulnerable
to buffer overflow via specially crafted network message
Microsoft Distributed Transaction Coordinator (MSDTC) may be
vulnerable to a flaw that allows remote, unauthenticated attackers to
execute arbitrary code.
(CAN-2005-2119)
VU#950516 – Microsoft COM+ contains a memory management flaw
Microsoft COM+ contains a vulnerability due to a memory management
flaw that may allow an attacker to take complete control of an
affected system.
(CAN-2005-1978)
VU#959049 – Several COM objects cause memory corruption in Microsoft
Internet Explorer
Microsoft Internet Explorer will initialize COM objects that were not
intended to be used in the web browser. Several COM objects have been
identified that may allow an attacker to execute arbitrary code or
crash Internet Explorer.
(CAN-2005-2127)
VU#680526 – Microsoft Internet Explorer allows non-ActiveX COM objects
to be instantiated
Microsoft Internet Explorer will initialize COM objects that were not
intended to be used in the web browser. This may allow an attacker to
execute arbitrary code or crash Internet Explorer.
(CAN-2005-0163)
II. Impact
Exploitation of these vulnerabilities may allow a remote,
unauthenticated attacker to execute arbitrary code with SYSTEM
privileges or with the privileges of the user. If the user is logged
on with administrative privileges, the attacker could take complete
control of an affected system. An attacker may also be able to cause a
denial of service.
III. Solution
Apply Updates
Microsoft has provided the updates for these vulnerabilities in the
Security Bulletins and on the Microsoft Update site.
Workarounds
Please see the following US-CERT Vulnerability Notes for workarounds.
Appendix A. References
* Microsoft Security Bulletin Summary for October 2005 –
<www.microsoft.com/technet/security/bulletin/ms05-oct.mspx>
* US-CERT Vulnerability Note VU#214572 –
<www.kb.cert.org/vuls/id/214572>
* US-CERT Vulnerability Note VU#883460 –
<www.kb.cert.org/vuls/id/883460>
* US-CERT Vulnerability Note VU#922708 –
<www.kb.cert.org/vuls/id/922708>
* US-CERT Vulnerability Note VU#995220 –
<www.kb.cert.org/vuls/id/995220>
* US-CERT Vulnerability Note VU#180868 –
<www.kb.cert.org/vuls/id/180868>
* US-CERT Vulnerability Note VU#950516 –
<www.kb.cert.org/vuls/id/950516>
* US-CERT Vulnerability Note VU#959049 –
<www.kb.cert.org/vuls/id/959049>
* US-CERT Vulnerability Note VU#680526 –
<www.kb.cert.org/vuls/id/680526>
* CAN-2005-2120 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2120>
* CAN-2005-1987 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1987>
* CAN-2005-2122 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2122>
* CAN-2005-2128 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2128>
* CAN-2005-2119 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2119>
* CAN-2005-1978 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1978>
* CAN-2005-2127 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2127>
* CAN-2005-0163 –
<cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0163>
* Microsoft Update – <update.microsoft.com/microsoftupdate>
_________________________________________________________________
The most recent version of this document can be found at:
<www.us-cert.gov/cas/techalerts/TA05-284A.html>
_________________________________________________________________
Feedback can be directed to US-CERT. Please send email to:
<cert@cert.org> with “TA05-284A Feedback VU#959049” in the subject.
_________________________________________________________________
Revision History
Oct 11, 2004: Initial release
_________________________________________________________________
Produced 2005 by US-CERT, a government organization.
Terms of use
<www.us-cert.gov/legal.html>
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <www.us-cert.gov/cas/>.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQ0xBVn0pj593lg50AQJvOQf/QqIy3putm/wkUAUguQaylsCfC38Lysdc
bqbtj7oF6HEoCzhQguaqQdMGOqa4QJnrObnkHN29xFhYovKWOIYkYsh6c3IXaNLK
PdImVbcMFNn9VsBNNRVr2dqPXJPvgFFzQKsDcKkknnZyxLf5mshwDJoKFsKDGr9c
1P9yxwyagQ8G73gTq6hPV/Wl/6zElXH/chlh6haXe6XN9ArTmz8A3OCAN+BZQUqe
/9T4US8oxLeLlNDcQc/PV5v3VuXXW0v9kjEjqAVEH5tRKH/oIkVdgpj7gdrAzDjM
MUojHfl1v2/JwWubQ9DFQsBx4Jxv5YvJEREsU7RbVJotn02+Yaaeog==
=5hXu
—–END PGP SIGNATURE—–