Thursday, June 11, 2009
Last night we noticed a Windows XP kernel 0day claim in win32k!NtUserConsoleControl posted on baidu.com. We took a quick look and found that the issue requires administrator privileges to execute. We are still investigating, looking for any chance of privilege escalation but so far it looks like a reliability issue, not a security vulnerability.
Tuesday, June 09, 2009
小野寺です 2009 年 6 月のセキュリティ情報は、事前通知からの変更はなく予定通り、計 10 件 (緊急 6 件, 重要 3 件
Tuesday, June 09, 2009
小野寺です。 2009 年 6 月のワンポイントセキュリティを公開しました。 2009 年 6 月のワンポイントセキュリティ情報
Tuesday, June 09, 2009
Summary of Microsoft’s monthly security bulletin release for June 2009. Today we released 10 new security bulletins. 6 of those affect Windows with two rated as critical, three rated as important and one as moderate. The remaining four all have an aggregate rating of critical and affect Internet Explorer, Microsoft Office Word, Microsoft Office Excel and Microsoft Works Converters.
Tuesday, June 09, 2009
Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019, CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such that it runs in the Internet Explorer Internet zone, where scripting is enabled.
Tuesday, June 09, 2009
IE8 behavior notes MS09-019 contains the fix for the IE8 vulnerability responsibly disclosed by Nils at the CanSecWest pwn2own competition (CVE-2009-1532). Nils exploited this vulnerability on an IE8 build that did allow .NET assemblies to load in the Internet Zone. The final, released build of IE8 does not allow .Net assemblies to load in the Internet Zone.
Tuesday, June 09, 2009
Today, we released MS09-023, a bulletin for Windows Search 4.0. It is an information disclosure vulnerability rated as Moderate. We would like to go into more details in this blog to help you understand: What is the attack vector? - Why is this vulnerability rated as Moderate?- What is the risk of MSHTML hosting apps?
Tuesday, June 09, 2009
Today we released bulletin MS09-024 that fixes vulnerabilities in text converters for the Microsoft Works document file format (WPS). Reduced impact if Microsoft Office is installed The Works converters included with Microsoft Word are vulnerable. However, the Microsoft Word installer does not associate the WPS file extension with Word. So a user double-clicking a WPS file attachment for the first time would see the following dialog:
Tuesday, June 09, 2009
Today we are releasing MS09-026 which fixes a vulnerability in the Microsoft Windows RPC (Remote Procedure Call) NDR20 marshalling engine. This component is responsible for preparing data to be sent over the network and then translating it back to what the server or client application uses. NDR20 is specific to 32-bit applications that use RPC to transfer data.
Friday, June 05, 2009
In a previous post we provided some background on the !exploitable Crash Analyzer which was released earlier this year. One of the things that we didn’t mention is that !exploitable is just one of the debugger commands exported by the MSEC debugger extension. This extension also contains some additional commands that shellcode analysts may find useful.
