[SECURITY-L] Vulnerability in Microsoft Office Web Components (MS08-017)
CSIRT - UNICAMP
security at unicamp.br
Wed Mar 12 12:43:38 -03 2008
----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais at cais.rnp.br> -----
From: Centro de Atendimento a Incidentes de Seguranca <cais at cais.rnp.br>
Subject: Vulnerability in Microsoft Office Web Components (MS08-017)
To: pop-seg at cais.rnp.br, rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Tue, 11 Mar 2008 17:36:50 -0300 (BRT)
-----BEGIN PGP SIGNED MESSAGE-----
Dear all,
CAIS is forwarding the Microsoft alert titled "MS08-017 -
Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code
Execution (933103)", which addresses two vulnerabilities found in
Microsoft Office Web Components.
The vulnerabilities occur in the management of memory resources when
handling URLs and web pages. An attacker can exploit these
vulnerabilities by creating a specially crafted web page, which the user
must visit, and thereby execute code on the vulnerable system with the
permissions of the logged-on user.
If the logged-on user has administrator permissions, the attacker
can gain full control of the system.
Affected systems:
. Microsoft Office 2000 Service Pack 3
. Microsoft Office XP Service Pack 3
. Visual Studio .NET 2002 Service Pack 1
. Visual Studio .NET 2003 Service Pack 1
. Microsoft BizTalk Server 2000
. Microsoft BizTalk Server 2002
. Microsoft Commerce Server 2000
. Internet Security and Acceleration Server 2000 Service Pack 2
Available fixes:
We recommend updating to the versions available at:
. Microsoft Office 2000 Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyId=806c654a-35e3-4385-855a-4b803249bfcf
. Microsoft Office XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyId=f54d2a5e-c0ed-4f70-9746-38dd61c8e9d7
. Visual Studio .NET 2002 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=D71B23FA-A873-406D-BAD7-E38E565DEE39
. Visual Studio .NET 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=2FE10CCD-40CB-4090-B83D-EAE3D4ECA174
. Microsoft BizTalk Server 2000
http://www.microsoft.com/downloads/details.aspx?FamilyId=E0993E49C0A811D2973D00C04F79E4B3
. Microsoft BizTalk Server 2002
http://www.microsoft.com/downloads/details.aspx?FamilyId=12B7D09A92AB4596996670799837D961
. Microsoft Commerce Server 2000
http://www.microsoft.com/downloads/details.aspx?FamilyId=71DE76BA-B62C-4A7A-A78A-9317F5255B13
. Internet Security and Acceleration Server 2000 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=526D87BD-C3DA-412E-8765-C15987AE9B01
More information:
. MS08-017 - Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
http://www.microsoft.com/technet/security/bulletin/ms08-017.mspx
. SANS ISC Handler's Diary 2008-03-11: March Black Tuesday Overview
http://www.dshield.org/diary.html?storyid=4124
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
http://safety.live.com/site/pt-BR/default.htm
CVE identifiers (http://cve.mitre.org): CVE-2006-4695, CVE-2007-1201
CAIS recommends that administrators always keep their systems and
applications up to date with the latest versions and
fixes provided by the vendors.
CAIS alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml
Regards,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais at cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76
-----END PGP SIGNATURE-----
----- End forwarded message -----