Printed from www.pcpro.co.uk
Critical flaw found in Publisher
Posted on 13 Sep 2006 at 11:04
Microsoft's security bulletin and patches are relatively light this month. The company is only addressing three issues concerning its software and only one of these is deemed to be 'critical'.
The critical vulnerability is found in Microsoft Publisher - although only for Publisher 2000.
While Publishers 2002 and 2003 are also affected, their severity is only set to 'Important'. Microsoft admits remote code execution vulnerability exists because Publisher does not perform sufficient data validation when processing the contents of a .pub file. An attacker could exploit this vulnerability because, when Publisher parses a specially crafted file with a malformed string, it can corrupt system memory and allow the attacker to execute arbitrary code.
If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data; or create new accounts with full user rights.
The other two vulnerabilities are within Windows itself. The second 'Important' vulnerability affects Windows 2000 Service Pack 4, XP Service Pack 1, Windows XP Service Pack 2 and Windows Server 2003 for both x86 and Itanium. A second issue involves a reported vulnerability in Reliable Multicast Program (PGM) that could cause a denial of service condition.
Finally, a flaw in the Indexing Service could allow confidential information disclosure because of the way that it handles query validation. The vulnerability could allow an attacker to run client-side script on behalf of a user. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site
The September security release will come as a welcome relief to IT managers following hectic July and August schedules. A summary of the update is on the TechNet web site.
However, it's not all - relatively - good news. Although this month's update proved slim pickings, Microsoft has also released updates for previous patches MS06-040 and MS06-042 after further problems were discovered.
What's more, the September bulletins failed to address a known issue with Word 2000 which is already being exploited by the virus community. Security company Secunia described the vulnerability as 'extremely critical' after Trojan code was discovered that downloaded malicious software to infected systems.
Author: Steve Malone and Matt Whipp
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
