Security Alerts
January 17, 2007
Microsoft Releases January 2007 Security Bulletin for Multiple Vulnerabilities
Summary
On January 9, 2007 Microsoft released their monthly security bulletin with the latest security updates for workstations and servers. The Microsoft bulletin lists four (4) security vulnerabilities, with three (3) listed as critical and one (1) listed as important. All these patches should be applied. The three critical ones are patches for Excel, Outlook ( not Outlook Express), and Internet Explorer's Vector Markup Language (VRML) component which all lead to remote execution when a system is left unpatched. The patch for the Microsoft Office 2003 Brazilian and Portuguese grammar checker vulnerability is designated as important. It is important that all patches with a critical designation be patched immediately, in particular the Outlook and IE VML patches since they affect a range of other components within the Windows operating system.The affected operating system platforms are:
* Windows Server 2003
* Windows XP
* Windows 2000 SP4
It is imperative patches with critical and important designations be applied due to the serious nature of remote execution vulnerabilities which can allow for complete compromise and control of systems originating from within campus and the Internet. Only the IE patch will be delivered via BigFix, as the other patches will require a local MS Office installation CD. Local Big Fix admins are to apply the MS Office patches manually. Details are in the Technical Details section of this post.
What to Do
Windows users can manually use "Windows Update" to download and install the current operating system patches. Additionally, it is recommended that all Windows machines have an automated patch management solution installed and configured on their system. Stanford provides BigFix to automatically patch Windows machines; it is available at http://patching.stanford.edu. A customized update will be delivered to workstations and servers via BigFix if you subscribed to this service. The BigFix deliverable includes only the IE VML patch (MS07-004) of this bulletin. Individual updates can be downloaded by going to the Summary section of this Microsoft website. Please remember to reboot your machine after patching manually, or when prompted to do so by Windows Update or by your BigFix administrator. Most patches do not take effect until after a reboot.
Technical Details
It is important all patches designated as critical or important be applied. The patches for the vulnerabilities are listed as follow, those with an * delivered via BigFix:
Critical (3)
Microsoft Security Bulletin MS07-002
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
This update resolves vulnerabilities in Excel that could allow remote code execution.
Excel Malformed IMDATA Record Vulnerability - CVE-2007-0027:
A remote code execution vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed IMDATA record.
Excel Malformed Record Vulnerability - CVE-2007-0028:
A remote code execution vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed record.
Excel Malformed String Vulnerability - CVE-2007-0029:
A remote code execution vulnerability exists in Microsoft Excel that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Excel Malformed Column Record Vulnerability - CVE-2007-0030:
A remote code execution vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed Column record.
Excel Malformed Palette Record Vulnerability - CVE-2007-0031:
A remote code execution vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed Palette record.
Microsoft Security Bulletin MS07-003
Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
This update resolves vulnerabilities in Outlook that could allow remote code execution.
Microsoft Outlook VEVENT Vulnerability - CVE-2007-0033
A remote code execution vulnerability exists in Microsoft Outlook. An attacker could exploit this vulnerability when Outlook parses a file and processes a malformed VEVENT record.
Microsoft Outlook Denial of Service Vulnerability – CVE-2006-1305
A denial of service vulnerability exists in Outlook in its processing of e-mail header information. An attacker who successfully exploited the vulnerability could send a malformed e-mail to a user of Outlook that would cause the Outlook client to fail under certain circumstances. The Outlook client would continue to fail so long as the malformed e-mail message remained on the e-mail server. The e-mail message could be deleted by an e-mail administrator, or by the user via another e-mail client such as Outlook Web Access or Outlook Express, after which point the Outlook client would again function normally.
Microsoft Outlook Advanced Find Vulnerability - CVE-2007-0034
A remote code execution vulnerability exists in Microsoft Outlook. An attacker could exploit this vulnerability when Outlook parses an .oss file.
* Microsoft Security Bulletin MS07-004
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
This update resolves vulnerabilities in Internet Explorer that could allow remote code execution.
VML Buffer Overrun Vulnerability - CVE-2007-0024:
A remote code execution vulnerability exists in the Vector Markup Language (VML) implementation in Microsoft Windows. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail that could potentially allow remote code execution if a user visited the Web page or viewed the message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Important (1)
Microsoft Security Bulletin MS07-001
Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)
This update resolves a vulnerability in Office that could allow remote code execution. User interaction is required for an attacker to exploit these vulnerabilities.
Office 2003 Brazilian Portuguese Grammar Checker Vulnerability - CVE-2006-5574:
A remote code execution vulnerability exists in Office 2003 Brazilian Portuguese Grammar Checker. An attacker could exploit this vulnerability when Office opens a file and parses the text.
Affected Platforms and Applications:
Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows Server 2003 x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows XP Professional x64 Edition
Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 on Windows 2000 Service Pack 4
Internet Explorer 7 on Windows XP Service Pack 2
Internet Explorer 7 on Windows Server 2003 and Windows Server 2003 Service Pack 1
Internet Explorer 7 on Windows XP Professional x64 Edition
Internet Explorer 7 on Windows Server 2003 for Itanium-based Systems and Windows Server 2003 with SP1 for Itanium-based Systems
Internet Explorer 7 on Windows Server 2003 x64 Edition
Office Affected Software:
Excel 2000
Excel 2002
Excel 2003
Excel Viewer 2003
Microsoft Works Suites 2004 and 2005
Microsoft Office 2004 for Mac
Microsoft Office v.X for Mac
Office 2003 Service Pack 2 (Brazilian Portuguese Version)
Microsoft Office Multilingual User Interface 2003 Service Pack 2
Microsoft Project Multilingual User Interface 2003 Service Pack 2
Microsoft Visio Multilingual User Interface 2003 Service Pack 2
Microsoft Office Proofing Tools 2003 Service Pack 2
Outlook 2000
Outlook 2002
Outlook 2003
References
Detailed information about specific affected platforms and applications can be found at:
http://www.microsoft.com/technet/security/bulletin/ms07-jan.mspx