NTA Monitor

Latest News

Finance industry faces serious IT security issues

23rd June 2008 The finance industry needs to keep its eye on the small change as well as the bigger picture of its security vulnerabilities Read More

Retail sector faces serious IT security issues

23rd June 2008 The retail sector needs to set out its stall and ring the changes in its security vulnerabilities if it is to avoid the potential for hackers to gain unauthorised system access and disrupt service availability Read More

IT managers have more security headaches to deal with

11th May 2008 NTA Monitor's 2008 Annual Security Report has revealed that the average number of vulnerabilities found per test have increased to 21 compared with 19 in 2007 Read More

Solutions not excuses for patch management warns NTA Monitor

23rd April 2008 Patch management is a vital security requirement for any organsation Read More
Date: 2nd October 2006
Risk: High

Microsoft's September bulletin issued 3 security updates addressing Windows and Office vulnerabilities. One issue is critical, one important and one moderate.

The critical flaw occurs when Microsoft Publisher parses a file with a malformed string and if successfully exploited, could result in remote code execution. If a user with administrative user rights was logged onto a system, an attacker successfully exploiting this vulnerability could take complete control of an affected system. They would be able to view, change or delete data, create new accounts with full user rights and install and remove programs. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Affected software is Microsoft Office 2000 Service Pack 3, Office Publisher 2000, Microsoft Office XP Service Pack 3, Office Publisher 2002, Microsoft Office 2003 Service Pack 1 and Service Pack 2 and Office Publisher 2003

The important flaw was found in Microsoft Windows and if successfully exploited, could result in remote code execution. An attacker who sent a specially crafted multicast message to an affected system could execute code on that system. However, the MSMQ service, which is the Windows service needed to allow PGM communications, is not installed by default.

Affected software is Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2. Non affected software is Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 x64 Edition

The moderate flaw was found in the Indexing Service due to the way that it handles query validation. If an attacker successfully exploited the vulnerability, they could run client-side script on behalf of a user. The script could take any action that the user could take on the affected website.

Affected software is Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1, Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 x64 Edition.

Patches for these flaws are available from the Microsoft website at:

http://www.microsoft.com/downloads/results.aspx?displaylang=en&freetext=security_patch

References