October One Point Security
Wednesday, October 15, 2008
This is Onodera. We have published the October One Point Security. The One Point Security information for October 2008,
Tuesday, October 14, 2008
This is Onodera. This month there were no changes from the advance notification, and as planned, we released a total of 11 (4 Critical, 6 Important, 1 Moderate)
Tuesday, October 14, 2008
Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns It’s October! And for those who remember Black Hat 2008 in Las Vegas, this means the programs we announced have launched.
Tuesday, October 14, 2008
Bulletin severity is an interesting topic to many blog readers. We often hear that you think a bulletin should be rated higher or lower. Sometimes we even hear one person suggesting a higher rating and another suggesting a lower rating for the same issue. :) This post is not to advocate for or against the MSRC rating system but we’d just like you to understand what we were thinking for each bulletin.
Tuesday, October 14, 2008
Microsoft Host Integration Server 2006 is an interesting product. It allows developers to manage business processes on IBM mainframe and AS/400 (big iron) servers as XML web services. You can find a free trial version available for download at http://www.microsoft.com/hiserver/downloads/default.mspx. Unfortunately, access to the management interface was not properly locked-down. MS08-059 is an update for Microsoft Host Integration Server 2006 which secures the SNA RPC service interface.
Tuesday, October 14, 2008
MS08-061 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector based on our investigation of the vulnerability. One of these vulnerabilities involves multiple kernel mode accesses of user mode data leading to an interesting race condition.
Tuesday, October 14, 2008
Today, we released MS08-065 to fix an issue in MSMQ. You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible. However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ service were installed by default on any affected Windows configuration, we would have rated this one Critical.
Tuesday, October 14, 2008
The driver afd.sys is responsible for handling socket connections. MS08-066 addresses several vulnerabilities in afd.sys that could allow an attacker to execute arbitrary code in kernel mode. These vulnerabilities can only be exploited locally and there is no remote vector from our investigations. One of these vulnerabilities involves a ProbeForRead / ProbeForWrite bypass when using user supplied memory pointers and lengths.
Tuesday, October 14, 2008
Hello Everyone! This is Steve Adegbite. I am new to the MSRC Crew. I work with Simon and Tami to help manage Microsoft’s security update releases. I also help with Microsoft’s Partner outreach effort and the Microsoft Active Protections Program (MAPP). So from time to time you will be hearing from me.
Monday, October 13, 2008
Hello, This is Scott Stender and Alex Vidergar from iSEC Partners, and our topic for BlueHat is Concurrency Attacks in Web Applications. Database administrators, computer architects, and operating system designers have spent decades solving the problems that arise from concurrency as they apply to their respective technologies, so this should be old, boring stuff, right?