[security-alerts] FW: Microsoft Update for Windows Animated Cursor Vulnerability

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

Ну вот - патч вышел и SANS понизил уровень опасности.
Правда с ним тоже возможны проблемы - см. 
http://isc.sans.org/diary.html?n&storyid=2562



> -----Original Message-----
> From: US-CERT Technical Alerts [mailto:technical-alerts@xxxxxxxxxxx] 
> Sent: Tuesday, April 03, 2007 11:49 PM
> To: technical-alerts@xxxxxxxxxxx
> Subject: US-CERT Technical Cyber Security Alert TA07-093A -- 
> Microsoft Update for Windows Animated Cursor Vulnerability
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
>                         National Cyber Alert System
> 
>                   Technical Cyber Security Alert TA07-093A
> 
> 
> 
> Microsoft Update for Windows Animated Cursor Vulnerability
> 
>    Original release date: April 3, 2007
>    Last revised: --
>    Source: US-CERT
> 
> 
> Systems Affected
> 
>    Microsoft Windows 2000, XP, Server 2003, and Vista are affected.
>    Applications that provide attack vectors include
> 
>      * Microsoft Internet Explorer
>      * Microsoft Outlook
>      * Microsoft Outlook Express
>      * Microsoft Windows Mail
>      * Microsoft Windows Explorer
> 
> 
> Overview
> 
>    Microsoft has released updates to address vulnerabilities 
> in the way
>    that Microsoft Windows handles image files. A fix for the animated
>    cursor buffer overflow vulnerability (VU#191609) is 
> included in these
>    updates.
> 
> 
> I. Description
> 
>    Microsoft has released Security Bulletin MS07-017 to correct
>    vulnerabilities in the way that Microsoft Windows handles 
> image files.
>    This update includes a fix for the animated cursor ANI header stack
>    buffer overflow vulnerability (VU#191609).
> 
>    More information about the animated cursor buffer overflow
>    vulnerability is available in Vulnerability Note VU#191609 and in
>    Technical Cyber Security Alert TA07-089A. Refer to 
> Microsoft Security
>    Bulletin MS07-017 for more information on the other 
> vulnerabilities.
> 
> 
> II. Impact
> 
>    Applying these updates will mitigate the vulnerability described in
>    Technical Cyber Security Alert TA07-089. The impact of 
> exploiting that
>    vulnerability is that a remote, unauthenticated attacker 
> could execute
>    arbitrary code or cause a denial-of-service condition.
> 
> 
> III. Solution
> 
> Install updates from Microsoft
> 
>    Microsoft has released updates for this and other image processing
>    vulnerabilities in Microsoft Security Bulletin MS07-017.
> 
>    Note that this is only part of the Microsoft security 
> update release
>    for April 2007. According to Microsoft:
> 
>      Microsoft will update this bulletin summary with any 
> other security
>      bulletins that release on April 10 or on any other day of the
>      month, as deemed appropriate. 
> 
>    Refer to Technical Cyber Security Alert TA07-089A and Vulnerability
>    Note VU#191609 for information about workarounds that may 
> reduce the
>    chances of exploitation until updates can be applied.
> 
>    System administrators may wish to consider using an automated patch
>    distribution system such as Windows Server Update Services (WSUS).
> 
> 
> IV. References
> 
>      * US-CERT Technical Cyber Security Alert TA07-089A -
>        <http://www.us-c ert.gov/cas/techalerts/TA07-089A.html>
> 
>      * Vulnerability Note VU#191609 -
>        <http://www.kb.cert.org/vuls/id/191609>
> 
>      * Microsoft Security Bulletin MS07-017 -
>        
> <http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx>
> 
>      * Microsoft Security Advisory (935423) -
>        
> <http://www.microsoft.com/technet/security/advisory/935423.mspx>
> 
>      * Microsoft Security Bulletin Summary for April 2007 -
>        
> <http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx>
> 
>      * Microsoft Security Response Center Blog -
>        <http://blogs.technet.com/msrc/search.aspx?q=935423>
> 
>      * Windows Server Updates Services -
>        
> <http://www.microsoft.com/windowsserversystem/updateservices/d
> efault.mspx>
> 
>  ____________________________________________________________________
> 
>    The most recent version of this document can be found at:
> 
>      <http://www.us-cert.gov/cas/techalerts/TA07-093A.html>
>  ____________________________________________________________________
> 
>    Feedback can be directed to US-CERT Technical Staff. Please send
>    email to <cert@xxxxxxxx> with "TA07-093A Feedback VU#191609" in the
>    subject.
>  ____________________________________________________________________
> 
>    For instructions on subscribing to or unsubscribing from this
>    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
>  ____________________________________________________________________
> 
>    Produced 2007 by US-CERT, a government organization.
> 
>    Terms of use:
> 
>      <http://www.us-cert.gov/legal.html>
>  ____________________________________________________________________
> 
>    Revision History
> 
>    April 3, 2007: Initial release
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> 
> iQEVAwUBRhKrm+xOF3G+ig+rAQLUEQf+PFYMNUUuZ/QaM2JDuCYjtYawjJbnBAqN
> YUsV+zHxtEs4mD+YPJhfBCeJgJm2FrXNmwKFJgZ8atRHWyNb/pW56Os3A24hlRxW
> cYE+6KQEfRSECamCdxIaNZyG3mizIEQlyz+IWOL10nerRUeZwAVj1Ohc1aujSsHB
> ZSGXFfpRkhH7qt4x6yYXkT4j6lIsWuB6VdemIzCNxbZ7FvEpNsqVIxXHV6KbEykv
> ZP8r0RwDVqOTz2pvVUAFamYc2udlxULeTGjh85AGzbnZtrobOMO+gkvh+7Dmzygr
> Eu5Obn2HyyJwGeZFY31bmFBe/0G9AtTGRqHLRR7UWMXQ3Gt9X2gL8w==
> =b2qi
> -----END PGP SIGNATURE-----
>