Today, as they do every 2nd Tuesday of the month, Microsoft released their monthly collection of patches. Compared to last month’s release, with 34 vulnerabilities fixed, this month comes in at a relatively light 11 vulnerabilities. Without further ado, here is the list of vulnerabilities fixed in this month’s patches.
|
CVE-2010-0818
|
A vulnerability in the MPEG-4 codec can lead to remote code execution. As video files can be embedded in HTML pages, this could be used for “drive by” attacks.
|
|
CVE-2010-0820
|
A vulnerability in the LDAP LSASS layer can lead to remote code execution. This vulnerability only affects LDAP/Active Directory servers, and requires the attacker to be authenticated.
|
|
CVE-2010-1891
|
A vulnerability in the Client/Server Runtime Subsystem can lead to elevation of privilege. This issue can only be exploited locally, and only affects Chinese/Japanese/Korean Windows installs.
|
|
CVE-2010-1899
|
A vulnerability in the IIS web server can lead to a denial of service.
|
|
CVE-2010-2563
|
A vulnerability in WordPad can lead to code execution when opening Word 97 files (.wri or .doc). This vulnerability appears to be the most severe when Microsoft Office is not installed, as malicious .wri/.doc files will be opened in Office instead of WordPad if it is installed.
|
|
CVE-2010-2567
|
A vulnerability in the RPC stack can lead to remote code execution. Exploiting this vulnerability requires the client to connect to a malicious RPC server.
|
|
CVE-2010-2728
|
A vulnerability in Outlook can lead to code execution when viewing or previewing a malicious email. This vulnerability only affects Outlook when it is actively connected to an Exchange server.
|
|
CVE-2010-2729
|
A vulnerability in the Windows print spooler allows an attacker to place arbitrary executable files in the System directory. This vulnerability only affects systems configured to share printers. This vulnerability is being exploited in the wild.
|
|
CVE-2010-2730
|
A vulnerability in the IIS web server’s FastCGI module allows for remote code execution. FastCGI is not enabled by default in IIS.
|
|
CVE-2010-2731
|
A vulnerability in the IIS web server can allow an attacker to bypass directory-level security restrictions.
|
|
CVE-2010-2738
|
A vulnerability in Window’s Unicode Scripts Parser allows for remote code execution when displaying a malicious font. This vulnerability can be triggered either by a malicious web page, or malicious Office document.
|
The three vulnerabilities that stand out to me are CVE-2010-0818, CVE-2010-2728 and CVE-2010-2738. All three of these can be used to infect a client PC with little or no interaction from the user. These vulnerabilities can be exploited when a user views a web page, reads an email, or opens an Office document, all of which are normal, everyday behaviors. CVE-2010-2729 wouldn’t normally pique my interest as the print-sharing requirement reduces the vulnerability footprint. However, this vulnerability is being exploited in the wild, so deserves extra consideration. Microsoft has posted details on how to tell if you are affected or not here.
aicasiano
on:
May 2012 Microsoft Patch Tuesday Summary
