Go Back   Tech Support Forum > Security Center > Computer Security News

User Tag List

Word vulnerability tops Microsoft's targets for Patch Tuesday

This is a discussion on Word vulnerability tops Microsoft's targets for Patch Tuesday within the Computer Security News forums, part of the Tech Support Forum category. A flaw in Microsoft Word ranks among the top security problems addressed by December's Patch Tuesday fixes, closing a hole


Closed Thread
 
Thread Tools Search this Thread
Old 12-10-2012, 02:16 PM   #1
Security Manager
Analyst
Rangemaster, TSF Academy
 
Glaswegian's Avatar
 
Join Date: Sep 2005
Location: Glasgow
Posts: 39,536
OS: Windows 10 Pro

My System


A flaw in Microsoft Word ranks among the top security problems addressed by December's Patch Tuesday fixes, closing a hole that allows remotely executing malicious code on targeted machines regardless of whether users open the infected file. The bulletin is one of five marked critical by Microsoft in its advanced notification about vulnerabilities this month, and several security experts say the Word vulnerability is the top priority.

"In this case we assume the 'critical' rating comes from Outlook, which can be configured to use Word to visualize documents in its preview pane," says Qualys CTO Wolfgang Kandek. "This is an automatic mechanism that does not require user interaction. In any case, this will be an important bulletin to watch out for."

The patch is rated as Important for Word 2003 SP3 and critical for Word 2007 SP2 & 3 and Word 2010 SP1.

This bulletin is similar to one issued earlier this year in that it deals with an issue with rich text format documents that can be parsed in the Outlook Preview Pane, thereby executing the vulnerability, says Alex Horan, a senior product manager with CORE Security .

"This is classic client side fodder, send an email with a job offer attached, or the new 401k plan attached and get control of a user's machine," says Paul Henry, a security and forensic analyst with Lumension, "plus if you exploit Bulletin 2, you get control of everything."

Bulletin 2 applies to all versions of Windows, including Windows 8 and Windows RT, Microsoft's two new operating systems. Given that it affects older operating systems as well, the vulnerability is likely with code from those earlier operating systems that is included in Windows 8 and RT.

"They don't say if this is a vulnerability on those systems that could be attacked over the network or if you need to be able to run code locally," says Horan, "but having an exploit that would potentially work against a wide range of windows systems is a great utility to have in your bag."

Still the actual danger may be limited, Henry says, and "because executing on this vulnerability would be time consuming and difficult, this is less important than the Word and [Internet Explorer] issues."

The IE problem threatens Target IE6 through 10, and provides a means for remotely executing code on a victim's computer. "This is a good one," says Horan, "a client side for Windows 7 and 8. A very attractive exploit [for] attackers to have."

He says that fixing a vulnerability found in Exchange 2007 SP3 and 2010 SP1 and 2 are important because these servers face the Internet and so are open to widespread attack. Fixing them may be troublesome. "You don't just randomly turn off email servers without generating howls of protest from your company," Horan says.

The same vulnerability is found in SharePoint and Microsoft Office Web Apps SP1, the latter of which may have less impact on enterprises because they don't use the platform widely, Kandek says.

The final critical bulletin is again a remote-code execution flaw affecting Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP0 and 1, and Windows 2008 SP0 and 1. "Essentially, when Windows Explorer parses a file name, it hits this vulnerability," Henry says.

In looking back on 2012 Patch Tuesdays, Henry notes that the total number, 83, was fewer than the even 100 logged in 2011.

The number of critical and moderate bulletins remained about the same year to year, but the number of bulletins ranked important dropped from 63 to 46, he says.


Word vulnerability tops Microsoft's targets for Patch Tuesday | PCWorld
Glaswegian is offline  
Sponsored Links
Advertisement
 
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hitachi 4TB Ultrastar with windows xp problems
Hello all, I have combed the internet for a solution to this, and even read a few threads on here that were related but not the same issue. Here is my problem: I have an Ultrastar hitachi 4TB 7k4000 hard-drive. I just installed it into my desktop computer. I have one other hard-drive that...
jacob2012 Hard Drive Support 3 12-07-2012 03:58 PM
Microsoft plans security patch for Word critical flaw next Tuesday
It's the first Thursday of October. Do you know what happens on the first Thursday of each month? Microsoft provides an advance notification of the security bulletins it plans to release on the second Tuesday of the month - more commonly known as Patch Tuesday. Following an unusually light Patch...
Glaswegian Computer Security News 0 10-07-2012 01:15 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 01:49 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts