Skip to main content
MSRC

Registry

MS10-105: Image Filters Update

Tuesday, December 14, 2010

This month we shipped a security update and bulletin (ms10-105) to address vulnerabilities in the .cgm, .tif, .fpx, and .pct image filters. These filters are shipped with Microsoft Office to extend image rendering for applications. Neither Office 2010 nor Office 2007 use filters to perform rendering by default. Both use GDI+ instead.

Registry vulnerabilities addressed by MS10-021

Monday, April 12, 2010

MS10-021 addresses eight different Windows vulnerabilities. Five of them, CVE-2010-0234 through CVE-2010-0238, stem from an obscure bit of Windows registry functionality called “registry links”. A quick search in MSDN reveals this description: “REG_LINK: Specifies a Unicode symbolic link. Used internally. Applications do not use this type”. Clear as mud, right? Registry links are similar to symbolic links in NTFS (http://msdn.

MS08-015: Protocol Handler and its Default Security Zone

Tuesday, March 11, 2008

MS08-015, CVE-2008-0110, addresses a vulnerability in Microsoft Outlook’s implementation of “mailto” URI handling. The attack can be launched via IE or other applications which invoke the “mailto” protocol. Applications can register pluggable protocol handlers to handle a custom Uniform Resource Locator (URL) protocol scheme. Here “mailto” is one example of the various protocol handles that can be registered.

MS08-001 (part 2) – The case of the Moderate ICMP mitigations

Tuesday, January 08, 2008

This is the second post in the three-part series covering MS08-001. In this post we’ll look at the ICMP vulnerability (CVE-2007-0066) in more detail. This vulnerability is caused by Windows TCP/IP’s handling of the ICMP protocol, specifically regarding router advertisement messages. This post covers the mitigating factors for this vulnerability in more detail.