Computerworld weekly threat wrap-up

14 April, 2010

Next: Top vulnerabilities for April

Qualys' April vunerability report

Title QualysID CVE Reference Ext. Reference
Adobe Flash Player Multiple Vulnerabilities 115593 CVE-2007-2022


CVE-2007-3456
CVE-2007-3457

APSB07-12
Adobe Flash Player Update Available to Address Security Vulnerabilities 116244 CVE-2009-0519

CVE-2009-0520
CVE-2009-0522
CVE-2009-0114
CVE-2009-0521


APSB09-01
Adobe Acrobat and Adobe Reader Multiple Vulnerabilities 115847 CVE-2008-2641
APSB08-15
Adobe Reader JavaScript Methods Memory Corruption Vulnerability 116399 CVE-2009-1492
CVE-2009-1493
APSA09-02 and APSB09-06
Sun Java Multiple Vulnerabilities 116174 CVE-2008-2086


CVE-2008-5339
CVE-2008-5340
CVE-2008-5341

CVE-2008-5342
CVE-2008-5343
CVE-2008-5344
CVE-2008-5345


CVE-2008-5348
CVE-2008-5350
CVE-2008-5351

CVE-2008-5353
CVE-2008-5354
CVE-2008-5356
CVE-2008-5357


CVE-2008-5359
CVE-2008-5360

244988 and others
Microsoft Office PowerPoint Could Allow Remote Code Execution 110094 CVE-2009-0556

CVE-2009-0220
CVE-2009-0221
CVE-2009-0222
CVE-2009-0223


CVE-2009-0224
CVE-2009-0225
CVE-2009-0226

CVE-2009-0227
CVE-2009-1128
CVE-2009-1129
CVE-2009-1130


CVE-2009-1131
CVE-2009-1137

MS09-017
Microsoft Excel Remote Code Execution Vulnerability 110093 CVE-2009-0238

CVE-2009-0100

MS09-009
Sev4 Microsoft Word Multiple Remote Code Execution Vulnerabilities 110092 CVE-2008-4024
CVE-2008-4025
CVE-2008-4026


CVE-2008-4027
CVE-2008-4028
CVE-2008-4030

CVE-2008-4031
CVE-2008-4837

MS08-072
WordPad and Office Text Converters Remote Code Execution Vulnerability 90474 CVE-2008-4841
CVE-2009-0087


CVE-2009-0088
CVE-2009-0235

MS09-010
Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution 90503 CVE-2009-1537

CVE-2009-1538
CVE-2009-1539

MS09-028

Microsoft’s April security bulletin assessment

Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Likely first 30 days impact Platform mitigations and key notes
MS10-027

(WMP)
Victim browses to a malicious webpage. Critical 1 Likely to see reliable exploit code developed Windows Vista, Windows Server 2008, and Windows 7 not affected
MS10-026

(DirectShow)
Victim browses to a malicious webpage or opens a malicious AVI movie. Critical 1 Likely to see reliable exploit code developed Windows 7 codec is not vulnerable.
MS10-019

(WinVerifyTrust)
Victim double-clicks a malicious EXE or allows malicious content to run because content claims to be signed by a trusted publisher. Critical 2 Likely to see effective proof-of-concept code released to downgrade Authenticode checks from v2 down to v1. Authenticode v1 is a weaker algorithm. To reach code execution, attackers will need to find an Authenticode v1 bypass. Microsoft Update and Windows Update clients not directly vulnerable to this threat.
MS10-020

(SMB Client)
Attacker hosts malicious SMB server within enterprise network. Attacker lures victim to click on a link that causes victim to initiate an SMB connection to the malicious SMB server. Critical 2 Proof-of-concept code already exists for denial-of-service vulnerability. May see unreliable exploit code developed for other client-side SMB vulnerabilities that most often results in denial-of-service. Egress filtering at most corporations will limit exposure to attacker within enterprise network.

Several issues with differing exploitability. Please see SRD blog for more information.
MS10-022

(VBScript)
Victim browses to a malicious webpage and is tricked into clicking F1 on a VBScript messagebox. Important 1 Public exploit code exists for code execution after a user presses F1. Have not heard reports of real-world attacks yet, despite public exploit code. Vulnerability not reachable on Windows 7, Windows Server 2008, and Windows Vista by default. Bulletin rated defense-in-depth for those platforms.

Windows Server 2003 not vulnerable by default due to Enhanced Security Configuration.
MS10-025

(Windows Media Services)
If a victim Windows 2000 machine has enabled Windows Media Services, an attacker can send network-based attack over port 1755 (TCP or UDP). Critical 1 Likely to see reliable exploit code developed. Only Windows 2000 is affected.
MS10-021

(Kernel)
Attacker able to run code locally on a machine exploits a vulnerability to run code at a higher privilege level. Important 1 Likely to see reliable exploit code developed for one or more of these eight vulnerabilities. SRD blog post explaining the Windows registry link vulnerabilities.
MS10-024

(SMTP Service)
Attacker causes SMTP Service running on 64-bit Windows Server 2003 to crash by initiating a DNS lookup handled by a malicious DNS server. Important n/a No chance for code execution. May see proof-of-concept code that crashes SMTP Service but not for Exchange. Exchange Server not directly affected by denial-of-service vulnerability because vulnerable versions never shipped as 64-bit application. Security update applies to 32-bit Exchange Server to add additional DNS protections.
MS10-028

(Visio)
Victim opens malicious .VSD file Important 1 Visio exploits not often seen in the wild. Unsure whether we will see exploit released. Visio not installed by default with most Office installations.
MS10-023

(Publisher)
Victim opens malicious .PUB file Important 1 Publisher exploits not often seen in the wild. Unsure whether we will see exploit released.  
MS10-029

(ISATAP)
Attacker spoofs own source address by encapsulating iPv6 attack packet inside IPv4 wrapper. This may allow attacker to reach IPv6 destination that otherwise would be blocked. Moderate n/a May see proof-of-concept released publicly.  

Next: Comment from the vendors

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftVulnerabilitiesvirusesmcafeetrend micropanda securityqualyskasperskyesetsymatecexploitswormstrojansweekly threat wrap-up

More about Adobe SystemsEsetetworkExcelKasperskyKasperskyMcAfee AustraliaMicrosoftPandaPanda SecurityPSAQualysSymantecTrend Micro AustraliaVisio

Show Comments