November 24, 2014

Microsoft fixes XML Core Services vulnerability as part of July’s Patch Tuesday

(LiveHacking.Com) – As expected, Microsoft has fixed the XML Core Services vulnerability which was being exploited in the wild using drive-by attacks.  The vulnerability allowed remote code execution if a user viewed a specially crafted webpage using Internet Explorer. Last month Microsoft issued a security advisory about the vulnerability along with a FixIt workaround, the exploit was also converted into a Metasploit module.

Microsoft Security Bulletin MS12-043 now fixes the problem. The Critical level update applies to Microsoft XML Core Services 3.0, 4.0, and 6.0 on all supported editions of Windows XP, Windows Vista, and Windows 7. It also applies to all supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 (where it is rated as Moderate). The vulnerability also affects Microsoft XML Core Services 5.0 that is used in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack, Microsoft Expression Web, Microsoft Office SharePoint Server 2007, and Microsoft Groove Server 2007.

July’s bulletins also covered two other Critical level vulnerabilities. The XML Core Services, isn’t the only drive-by vulnerability fixed by the Redmond giant. Microsoft Security Bulletin MS12-045 addresses the way that Microsoft Data Access Components handles objects in memory. Before the fix, a vulnerability existed that could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.

Microsoft also released a cumulative security update for Internet Explorer 9. The update fixes two privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer 9. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.

Among the other updates, one is for the Mac. The update fixes a vulnerability in Microsoft Office for Mac 2011 that could allow elevation of privilege if a malicious executable is placed on an affected system by an attacker, and then another user logs on later and runs the malicious executable. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The fix corrects the permission settings on the Microsoft Office 2011 folder and other affected folders.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks