May 22, 2013

Microsoft updates its XML Core Services as part of Critical patch release

(LiveHacking.Com) – Microsoft has released seven bulletins, two ranked Critical and five ranked Important, to address 12 vulnerabilities in Microsoft Windows, Office, Developer Tools and Windows Server. Among the Critical patches is an update (MS13-002) to Microsoft’s XML Core Services that resolves two flaws that could allow remote code execution when a user opened a specially crafted website designed to exploit the vulnerability. The issue was privately disclosed and Microsoft is not aware of any attacks in the wild.

The other Critical-class bulletin (MS13-001) addresses a vulnerability in Microsoft Windows which could allow remote code execution if a print server received a specially crafted print job. The standard default Windows firewall configuration means that this can’t normally be exploited from an external source. The bug only affects Windows 7 and Windows Server 2008 R2.

The first Important-class patch addresses vulnerabilities in System Center Operations Manager. The vulnerabilities could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL. Microsoft also fixed two other “elevation of privilege” vulnerabilities, the first in its .NET framework and the other in the Windows Kernel-Mode Driver. To exploit the kernel vulnerability, a user would need to run an executable specifically designed to exploit the bug.

Microsoft also fixed a vulnerability in the way that Windows handles the SSL version 3 (SSLv3) and TLS protocols. The vulnerability could allow security feature bypass if an attacker injects specially crafted content into an SSL/TLS session. The flaw exists in all versions of Windows after XP: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT.

The final patch fixes a problem in the Open Data Protocol. The vulnerability could allow denial of service if an unauthenticated attacker sends specially crafted HTTP requests to an affected site.

Microsoft fixes two remote code execution issues in Microsoft Office

(LiveHacking.Com) – Microsoft has released its software patches for October. Seven bulletins have been published that address 20 issues in Microsoft Windows, SQL Server, and Office including SharePoint, Lync, Microsoft Works and InfoPath.

The most important bulletin (and the only Critical level bulletin this month) is for Microsoft Office. MS12-064 resolves two problems in Microsoft Office that can result in remote code execution. A successful exploit would let an attacker run arbitrary code on the PC. To exploit the bug, the attacker would need to get the user to open a specially crafted Rich Text Format (RTF) file or preview/open a specially crafted RTF email message.

Microsoft also released a fix (MS12-067) for the vulnerabilities in the FAST Search Server which are caused by Oracle’s Outside In libraries. The vulnerabilities could allow remote code execution. FAST Search Server for SharePoint is only affected by this issue when Advanced Filter Pack is enabled. By default, Advanced Filter Pack is disabled. The libraries are also used in Microsoft Exchange Server 2007 and Microsoft Exchange Server 2010. The Outside In libraries were updated by Oracle in July and Microsoft addressed the issue in Exchange during August’s Patch Tuesday.

The other fixes are:

  • MS12-065 - This security update resolves a privately reported vulnerability in Microsoft Works that could allow remote code execution if a user opens a specially crafted Microsoft Word file using Microsoft Works.
  • MS12-066 - Fixes a publicly disclosed vulnerability in Microsoft Office, Microsoft Communications Platforms, Microsoft Server software, and Microsoft Office Web Apps. The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.
  • MS12-068 - Corrects a vulnerability in all supported releases of Microsoft Windows before Windows 8 and Windows Server 2012 which could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
  • MS12-069 - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote attacker sends a specially crafted session request to the Kerberos server.
  • MS12-070 - This security update resolves a privately reported vulnerability in Microsoft SQL Server on systems running SQL Server Reporting Services (SSRS). The vulnerability is a cross-site-scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the SSRS site in the context of the targeted user.

As previously announced, this month's updates contain a patch to Windows that restricts the use of certificates with RSA keys < 1024 bits. Microsoft has implemented this at the API level, which means that any service or application that calls the CertGetCertificateChain function for a certificate with an RSA key < 1024 bits will be informed that the certificate can’t be trusted. This impacts a wide variety of applications and services including encrypted email, SSL/TLS encryption channels, signed applications, and private PKI environments.
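To find certificates that the restriction described above would affect, an administrator can inventory the local certificate stores for short RSA keys. The following is an added example, not code from Microsoft or from the original article; the function name `Find-WeakRsaCertificate` and its parameters are hypothetical.

```powershell
# Added example: list certificates in the local stores whose RSA public key
# is shorter than a minimum size (1024 bits, the threshold the article gives).
# Function and parameter names are assumptions made for this example.
function Find-WeakRsaCertificate {
    param(
        [string[]]$StorePath = @('Cert:\LocalMachine', 'Cert:\CurrentUser'),
        [int]$MinBits = 1024
    )

    $rsaOid = '1.2.840.113549.1.1.1'   # rsaEncryption public key algorithm OID

    foreach ($root in $StorePath) {
        Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue |
            # The Cert: drive also returns store and location containers; keep certificates only.
            Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
            ForEach-Object {
                $cert = $_

                # The restriction applies to RSA keys only; skip ECC, DSA and others.
                if ($cert.PublicKey.Oid.Value -ne $rsaOid) { return }

                try {
                    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
                } catch {
                    # Certificates whose key cannot be loaded are skipped.
                    return
                }

                if ($null -ne $rsa -and $rsa.KeySize -lt $MinBits) {
                    [pscustomobject]@{
                        StorePath  = $cert.PSParentPath
                        Subject    = $cert.Subject
                        Issuer     = $cert.Issuer
                        Thumbprint = $cert.Thumbprint
                        KeyBits    = $rsa.KeySize
                        NotAfter   = $cert.NotAfter
                    }
                }
            }
    }
}

# Report every weak RSA certificate found, shortest key first.
Find-WeakRsaCertificate | Sort-Object KeyBits | Format-List
```

An empty result means no certificate in the scanned stores has an RSA key under the threshold; certificates held only in files or on remote systems (for example an internal CA's issued-certificate database) are not covered by this scan.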

Finally, Microsoft has reminded customers that Microsoft Works reaches the end of its support lifecycle this week.

Vulnerabilities: Microsoft Office TIFF Image Converter

Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user’s system.

An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image.

Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image.

According to Secunia research, the successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).

Microsoft Office XP SP3, Microsoft Office Converter Pack and Microsoft Works 9 are affected, but other versions may also be affected.

These two vulnerabilities are rated critical, and Microsoft has released a security patch (MS10-105) to fix the issues.

Source: http://secunia.com/secunia_research/2009-30/