September 1, 2014

Microsoft fix two remote code execution issues in Microsoft Office

(LiveHacking.Com) – Microsoft has released its software patches for October. Seven bulletins have been published that address 20 issues in Microsoft Windows, SQL Server, and Office including SharePoint, Lync, Microsoft Works and InfoPath.

The most important bulletin (and the only Critical level bulletin this month) is for Microsoft Office. MS12-064 resolves two problems in Microsoft Office that can result in remote code execution. If exploited an attacker could run arbitrary code on the PC. To exploit the bug the attacker would need to get the user to open a specially crafted Rich Text Format (RTF) file or preview/open a specially crafted RTF email message.

Microsoft also released a fix (MS12-067) for the vulnerabilities in the FAST Search Server which are caused by Oracle’s Outside In libraries. The vulnerabilities could allow remote code execution. FAST Search Server for SharePoint is only affected by this issue when Advanced Filter Pack is enabled. By default, Advanced Filter Pack is disabled. The libraries are also used in Microsoft Exchange Server 2007 and Microsoft Exchange Server 2010. The Outside In libraries were updated by Oracle in July and Microsoft addressed the issue in Exchange during August’s Patch Tuesday.

The other fix are:

  • MS12-065 - This security update resolves a privately reported vulnerability in Microsoft Works that could allow remote code execution if a user opens a specially crafted Microsoft Word file using Microsoft Works.
  • MS12-066 - Fixes a publicly disclosed vulnerability in Microsoft Office, Microsoft Communications Platforms, Microsoft Server software, and Microsoft Office Web Apps. The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.
  • MS12-068 - Corrects a vulnerability in all supported releases of Microsoft Windows before Windows 8 and Windows Server 2012 which could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
  • MS12-069 - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote attacker sends a specially crafted session request to the Kerberos server.
  • MS12-070 - This security update resolves a privately reported vulnerability in Microsoft SQL Server on systems running SQL Server Reporting Services (SSRS). The vulnerability is a cross-site-scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the SSRS site in the context of the targeted user.

As previously announced, this month updates contains a patch to Windows that restricts the use of certificates with RSA keys < 1024 bits. Microsoft have implemented this at the API level which means that any service or application that calls the CertGetCertificateChain function for a certificate with an RSA key < 1024 bits will be informed that the certificate can’t be trusted. This impacts a wide variety of applications and services including encrypted email, SSL/TLS encryption channels, signed applications, and private PKI environments.

Finally, Microsoft has reminded customers that Microsoft Works reaches the end of its support lifecycle this week.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks