[SECURITY-L] CAIS-Alerta: Vulnerabilidade no Windows Explorer (MS06-045)
CSIRT - UNICAMP
security em unicamp.br
Qua Ago 9 10:51:18 -03 2006
--------------------------- Mensagem Original ----------------------------
Assunto: CAIS-Alerta: Vulnerabilidade no Windows Explorer (MS06-045)
De: "Centro de Atendimento a Incidentes de Seguranca" <cais em cais.rnp.br>
Data: Ter, Agosto 8, 2006 5:10 pm
Para: rnp-alerta em cais.rnp.br
rnp-seg em cais.rnp.br
--------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Prezados,
O CAIS esta' repassando o alerta da Microsoft, intitulado "MS06-045 -
Vulnerability in Windows Explorer Could Allow Remote Code Execution
(921398)", que trata de uma vulnerabilidade identificada no Windows
Explorer capaz de ser explorada remotamente permitindo o controle completo
do sistema atacado.
A vulnerabilidade deriva de uma falha no Windows ao lidar com eventos de
"Drag and Drop". Para ser explorada esta vulnerabilidade precisa da
interacao do usuario que e' solicitado a acessar um arquivo compartilhado.
Cabe alertar que ja' foram divulgadas provas de conceito que exploram esta
falha.
Sistemas afetados:
. Microsoft Windows 2000 Service Pack 4
. Microsoft Windows XP Service Pack 1
. Microsoft Windows XP Service Pack 2
. Microsoft Windows XP Professional x64 Edition
. Microsoft Windows Server 2003
. Microsoft Windows Server 2003 Service Pack 1
. Microsoft Windows Server 2003 para sistemas Itanium
. Microsoft Windows Server 2003 com SP1 para sistemas Itanium
. Microsoft Windows Server 2003 x64 Edition
Correcoes disponiveis:
Recomenda-se fazer a atualizacao para as versoes disponiveis em:
. Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=38cee83e-b17a-4c08-90ce-fb836b9615ad
. Microsoft Windows XP Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=6ef68858-4c91-47fb-ae34-0be556f10ede
. Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=6ef68858-4c91-47fb-ae34-0be556f10ede
. Microsoft Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=50935f4e-e383-493e-97c6-599cbb2b87cc
. Microsoft Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=759435a3-98f9-4115-b52e-d7fa9d024f16
. Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=759435a3-98f9-4115-b52e-d7fa9d024f16
. Microsoft Windows Server 2003 para sistemas Itanium
http://www.microsoft.com/downloads/details.aspx?FamilyId=462131c6-a728-4b3c-94de-85deccc42c3e
. Microsoft Windows Server 2003 com SP1 para sistemas Itanium
http://www.microsoft.com/downloads/details.aspx?FamilyId=462131c6-a728-4b3c-94de-85deccc42c3e
. Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=50eef5c5-861d-4802-85a2-6b0627aafc2a
Mais informacoes:
. MS06-045 - Vulnerability in Windows Explorer Could Allow Remote Code
Execution (921398)
http://www.microsoft.com/technet/security/bulletin/ms06-045.mspx
. Internet Explorer Information Disclosure and HTA Application Execution
http://secunia.com/advisories/20825
. Microsoft Internet Explorer Information Disclosure and HTA File
Execution Vulnerabilities
http://www.frsirt.com/english/advisories/2006/2553
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
Identificador CVE (http://cve.mitre.org): CVE-2006-3281
O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.
Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml
Atenciosamente,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais em cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iQCVAwUBRNjvoekli63F4U8VAQJTbAP9Evqla2NDy49PRZOClE40hyoeuEd2rsPk
NThu47P8pdEOw98oxmvz0u3uwXv9iBjOaMEsZaIs0W61u+moLA5kuELz187uV5cX
vOh6e9M3yC0v4mEMwGeWv4mzX+8iD0knue23CV0h+1Ollo3qwsYcZLfZ/WfF6Ife
Ga/d6+ZFKNY=
=iE68
-----END PGP SIGNATURE-----
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L