[SECURITY-L] CAIS-Alerta: Vulnerabilidades no DirectX (MS07-064)
CSIRT - UNICAMP
security em unicamp.br
Seg Dez 17 10:36:33 -02 2007
----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----
From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Vulnerabilidades no DirectX (MS07-064)
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Thu, 13 Dec 2007 15:55:23 -0200 (BRST)
-----BEGIN PGP SIGNED MESSAGE-----
Prezados,
O CAIS esta' repassando o alerta da Microsoft, intitulado "MS07-064 -
Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)",
que trata de uma vulnerabilidade no Microsoft DirectX.
DirectX e' um recurso de midia de sistemas Windows usado para habilitar
graficos e som para jogos e video.
As duas vulnerabilidades em questao permitem a execucao remota de codigo.
Um atacante pode obter total controle sobre um sistema afetado se um
usuario abrir um arquivo de midia DirectX malicioso preparado por ele.
Usuarios cujas contas tem menos privilegios podem sofrer um impacto menor.
A atualizacao deste boletim substitui a presente no boletim MS05-050.
Sistemas afetados:
. DirectX 7.0 - Microsoft Windows 2000 Service Pack 4
. DirectX 8.1 - Microsoft Windows 2000 Service Pack 4
. DirectX 9.0c
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 com SP1 para Sistemas baseados em Itanium
- Windows Server 2003 com SP2 para Sistemas baseados em Itanium
. DirectX 10.0
- Windows Vista
- Windows Vista x64 Edition
Correcoes disponiveis:
Recomenda-se fazer a atualizacao para as versoes disponiveis em:
. DirectX 7.0 - Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=06196774-5a11-4525-b53c-8cb000738949
. DirectX 8.1 - Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=ccb872bd-fc06-4a3f-ac70-3c9a42d57b37
. DirectX 9.0c
- Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=03b14ce0-5189-4803-8151-6ac5cb6a9179
- Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=04a8f8d3-69f9-4445-baab-f45616a6b9b7
- Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=f096c500-e765-4e75-8443-7ffec4ddf149
- Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=f096c500-e765-4e75-8443-7ffec4ddf149
- Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=d80a295a-baf9-4981-8a28-1b4207ecc5f7
- Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=d80a295a-baf9-4981-8a28-1b4207ecc5f7
- Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=378086ea-60b8-409f-970a-fcfd62025150
- Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=378086ea-60b8-409f-970a-fcfd62025150
- Windows Server 2003 com SP1 para Sistemas baseados em Itanium
http://www.microsoft.com/downloads/details.aspx?FamilyId=2e6ea4bb-9f4f-46fb-9d51-e20b15e61a89
- Windows Server 2003 com SP2 para Sistemas baseados em Itanium
http://www.microsoft.com/downloads/details.aspx?FamilyId=2e6ea4bb-9f4f-46fb-9d51-e20b15e61a89
. DirectX 10.0
- Windows Vista
http://www.microsoft.com/downloads/details.aspx?FamilyId=bfa571bc-e43f-45e3-bc98-4086985c99aa
- Windows Vista x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=3d8803da-108b-4b9d-a039-84932dce8e42
Mais informacoes:
. MS07-064 - Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
http://www.microsoft.com/technet/security/Bulletin/MS07-064.mspx
. Vulnerabilidade no DirectShow (MS05-050)
http://www.rnp.br/cais/alertas/2005/MS05-050.html
. SANS ISC Handler's Diary 2007-12-11: December black tuesday overview
http://isc.sans.org/diary.html?storyid=3735
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
http://safety.live.com/site/pt-BR/default.htm
Identificador CVE (http://cve.mitre.org): CVE-2007-3901, CVE-2007-3895
O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.
Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml
Atenciosamente,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais em cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iQCVAwUBR2FyEOkli63F4U8VAQH4SwP/dgAgjg/+6YotVDy+1XC1C92EGK+pc8/w
Rd3f8v+a7sLyx31ZIuthaNc4ay0OzQdVWVDc6717t86fgWT8JMw7VXsYxaRgaVWj
MWXG68Jr97Hjec4WyAea7liqGo0AXGYXBtdTuuTTJ7x2vccmqu8UBZ/o9CSLerxE
+SQMd39DX5Y=
=FGx5
-----END PGP SIGNATURE-----
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L