MSRC

2009

Preventing the exploitation of user mode heap corruption vulnerabilities

Tuesday, August 04, 2009

Over the past few months we have discussed a few different defense in depth mitigations (like GS [pt 1, pt 2], SEHOP, and DEP [pt 1, pt 2]) which are designed to make it harder for attackers to successfully exploit memory safety vulnerabilities in software. In addition to the mitigations that we’ve discussed so far, a significant amount of effort has gone into hardening the Windows heap manager in order to complicate the exploitation of heap-based memory corruption vulnerabilities.

Announcing OffVis 1.0 Beta

Friday, July 31, 2009

We’ve gotten questions from security researchers and malware protection vendors about the binary file format used by Microsoft Word, PowerPoint, and Excel. The format specification is open and we have spoken at several conferences (1, 2, 3) about detecting malicious docs but we wanted to do more to help defenders. So earlier this year we started working on an Office Visualization Tool called “OffVis”.

Security Bulletin Webcast Q&A - OOB July 2009

Wednesday, July 29, 2009

Hosts: Christopher Budd, Security Program Manager; Jonathan Ness, Security Development Lead
Website: TechNet/security
Chat Topic: July 2009 OOB Security Bulletin
Date: Tuesday, July 28, 2009

Q: After applying MS09-035 will end users see any changes to their user interface that would be unusual or different to normal when working with ActiveX controls in Internet Explorer?

Security Bulletin Webcast Questions and Answers – Out-Of-Band July 2009

Wednesday, July 29, 2009

Hi, In conjunction with the Microsoft July 2009 Out-of-Band Bulletin release, we conducted two public webcasts to assist customers. During these webcasts, we were able to address 60 questions in the time allotted. The questions centered primarily on MS09-034: the Internet Explorer Cumulative Update Bulletin and MS09-035: the Visual Studio Bulletin.

Internet Explorer Mitigations for ATL Data Stream Vulnerabilities

Tuesday, July 28, 2009

IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034. We would like to explain these mitigations in more detail.

ATL persisted data checks

The first mitigation changes how ATL-based controls read persisted data by detecting specific call patterns that are problematic.

Microsoft Security Advisory 973882, Microsoft Security Bulletins MS09-034 and MS09-035 Released

Tuesday, July 28, 2009

Today, we’re releasing guidance and security updates to help better protect customers from responsibly reported security vulnerabilities discovered in the Microsoft Active Template Library (ATL). Because libraries function as building blocks that can be used to build software, vulnerabilities in software libraries can be complex issues and benefit from what we call community based defense – broad collaboration and action from Microsoft, the security community and industry.

MSVIDCTL (MS09-032) and the ATL vulnerability

Tuesday, July 28, 2009

Today we have released Security Advisory 973882 that describes vulnerabilities in the Microsoft Active Template Library (ATL), as well as security updates for Internet Explorer (MS09-034) and Visual Studio (MS09-035). The Visual Studio update addresses several vulnerabilities in the public versions of the ATL headers and libraries. The IE update contains two defense in depth mitigations to help prevent exploitation of the ATL vulnerabilities described in Security Advisory 973882 and MS09-035 (the IE update contains additional security fixes that are not related to the ATL issue).

Overview of the out-of-band release

Tuesday, July 28, 2009

Today we released Security Advisory 973882 and with it, two out-of-band security bulletins. These updates are MS09-034 (an Internet Explorer update) and MS09-035 (a Visual Studio update). At this time, for customers who have applied MS09-032, we are not aware of any “in the wild” exploits that leverage the vulnerabilities documented in 973882 and MS09-035.