[SECURITY-L] CAIS-Alerta: Vulnerability in Microsoft Visual Basic for Applications (MS06-047)
CSIRT - UNICAMP
security at unicamp.br
Wed Aug 9 10:52:50 -03 2006
---------------------------- Original Message ----------------------------
Subject: CAIS-Alerta: Vulnerability in Microsoft Visual Basic for
Applications (MS06-047)
From: "Centro de Atendimento a Incidentes de Seguranca" <cais at cais.rnp.br>
Date: Tue, August 8, 2006 5:15 pm
To: rnp-alerta at cais.rnp.br
rnp-seg at cais.rnp.br
--------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear all,
CAIS is forwarding the Microsoft alert entitled "MS06-047 -
Vulnerability in Microsoft Visual Basic for Applications Could Allow
Remote Code Execution (921645)", which addresses a vulnerability in
Microsoft Visual Basic for Applications that can allow remote code
execution on the affected system.
Microsoft Visual Basic for Applications (VBA) is an application
development technology that allows integration between different
systems and data. A vulnerability in the way VBA handles the document
information passed by the application can allow malicious code to
execute on the affected system.
To exploit this vulnerability, an attacker needs to force a user to open
a specially crafted document that uses VBA features. Examples of
documents that can be used to exploit the vulnerability are Word, Excel
and PowerPoint documents, HTML e-mails, among others.
Affected systems:
. Microsoft Office 2000 Service Pack 3
. Microsoft Project 2000 Service Release 1
. Microsoft Access 2000 Runtime Service Pack 3
. Microsoft Office XP Service Pack 3
. Microsoft Project 2002 Service Pack 1
. Microsoft Visio 2002 Service Pack 2
. Microsoft Works Suite 2004
. Microsoft Works Suite 2005
. Microsoft Works Suite 2006
. Microsoft Visual Basic for Applications SDK 6.0
. Microsoft Visual Basic for Applications SDK 6.2
. Microsoft Visual Basic for Applications SDK 6.3
. Microsoft Visual Basic for Applications SDK 6.4
Available fixes:
We recommend updating to the versions available at:
. Microsoft Office 2000 Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyId=837A4FA9-FABC-4119-9AAF-2C8663029D2B
. Microsoft Project 2000 Service Release 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=744DD25D-B9A7-4E30-B64E-1C9BB0F87D90
. Microsoft Access 2000 Runtime Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyId=ED5A8C40-C592-4299-AFB2-5F0F6E2B1DCD
. Microsoft Office XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7C
. Microsoft Project 2002 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=62EF50AA-6061-4185-9713-F8C31B195103
. Microsoft Visio 2002 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=43525B6A-58B7-49C7-88D8-4983D1614A96
. Microsoft Works Suite 2004
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7C
. Microsoft Works Suite 2005
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7C
. Microsoft Works Suite 2006
http://www.microsoft.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-8381-B199EE351E7C
. Microsoft Visual Basic for Applications SDK 6.0
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3
. Microsoft Visual Basic for Applications SDK 6.2
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3
. Microsoft Visual Basic for Applications SDK 6.3
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3
. Microsoft Visual Basic for Applications SDK 6.4
http://www.microsoft.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F8-D45ED2A8F4B3
More information:
. MS06-047 - Vulnerability in Microsoft Visual Basic for Applications
Could Allow Remote Code Execution (921645)
http://www.microsoft.com/technet/security/bulletin/ms06-047.mspx
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
CVE identifier (http://cve.mitre.org): CVE-2006-3649
CAIS recommends that administrators keep their systems and
applications up to date at all times, in line with the latest versions
and fixes provided by vendors.
CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml
Sincerely,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais at cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
-----END PGP SIGNATURE-----
----- End forwarded message -----