Severity: High

9 October, 2007

Summary:

Today, Microsoft released three security bulletins describing vulnerabilities that affect Windows and components shipping with it. A remote attacker could exploit the worst of these flaws to execute code on your Windows PC, potentially gaining complete control of it. For a table briefly summarizing which vulnerabilities affect which versions of Windows, see Microsoft’s Security Bulletin Summary for October and expand the section, “Affected Software and Download Location.” If you manage a Windows network, you should download, test, and deploy the appropriate Windows patches throughout your network as soon as possible.

Exposure:

Microsoft’s three security bulletins detail vulnerabilities found in, or affecting, components of Windows. Each vulnerability affects different versions of Windows to a different extent. The summary below lists the vulnerabilities from highest to lowest severity.

MS07-055 : Kodak Image Viewer Remote Code Execution Vulnerability

The Kodak Image Viewer ships with Windows and allows you to view digital images. Unfortunately, the Kodak Image Viewer suffers from an unspecified “code execution vulnerability” involving the way it parses specially

Severity: High

9 October , 2007

Summary:

Today, Microsoft released a security bulletin describing three vulnerabilities in Internet Explorer. By tricking one of your users into visiting a maliciously crafted web page or into opening a maliciously crafted HTML email, an attacker could exploit five of these new vulnerabilities to execute code on your user’s computer, with your user’s privileges. In the worst case, the attacker could gain complete control of the victim computer. If you use Internet Explorer in your network, you should download, test, and deploy the appropriate Internet Explorer patches immediately. The patches fix the newly announced vulnerabilities, in addition to all previous ones.

Exposure:

In a security bulletin released today as part of their monthly patch update, Microsoft describes three vulnerabilities in Internet Explorer (IE) versions 5.01, 6.0, and 7.0.

The worst of these three vulnerabilities has to do with a flaw in the way IE handles a certain error involving file downloads. Triggering this error in a particular way causes memory corruption. By luring one of your users into visiting a malicious web page

Severity: High

9 October, 2007

Summary:

Today, Microsoft released two security bulletins describing vulnerabilities affecting different Microsoft Office packages including Word (for Windows and Mac), Office SharePoint Server 2007, and Windows SharePoint Services 3.0. By enticing one of your users into opening a maliciously formed Office file, an attacker could exploit the worst of these flaws to execute code on your user’s computer, with your user’s privileges, potentially gaining control of that computer. If you use Office, Word, or SharePoint in your network, you should download, test, and deploy the appropriate patches immediately.

Exposure:

Microsoft’s two security bulletins describe vulnerabilities found in Word, Office SharePoint Server 2007, and Windows SharePoint Services 3.0. The summary below lists the vulnerabilities from highest to lowest severity.

MS07-060: Word Memory Corruption Vulnerability

Microsoft Word for Windows and Mac suffers from an unspecified memory corruption vulnerability. By enticing one of your users into downloading and opening a maliciously crafted Office document, an attacker can exploit this vulnerability to execute code on that user’s computer, with that user’s level of privileges and permissions. If your user has local administrative privilege,

About three weeks ago, word of an Adobe security flaw began to do the rounds.  It has taken Adobe three weeks to finally get around to announcing the problem.  The vulnerability allows a hacker to take control of a Windows XP system if it has IE7 installed.  Considering the amount of people that run IE7, it is probably quite a lot of systems.

The vulnerability exists in Adobe Reader 8.1 (and previous versions) Acrobat Standard, Professional and Elements 8.1 (and previous versions) and Acrobat 3D.  It is the reader vulnerability that makes this a particularly serious threat as the number of people using Acrobat is somewhat limited.  What machine doesn’t have a copy of Adobe Reader installed? It is free and PDF is the format of choice for a lot of written material online.

Adobe has released a temporary solution.  It involves making modifications to the Windows Registry, which tends to frighten away all but the power users.  The good news is that a real fix is on the way and should be here before the end of October.  Expect to

Tuesday, 2 October 2007, 1:52 pm
Press Release: Symantec News ReleaseNew Symantec Endpoint Security Solution Now Available

Beta customers experience significant cost-savings and increased security with new integrated offering

Symantec Corp. (Nasdaq: SYMC) raised the bar today for enterprise security by announcing the global availability of Symantec Endpoint Protection 11.0 and Symantec Network Access Control 11.0. Symantec Endpoint Protection integrates Symantec AntiVirus with advanced threat prevention in a single agent managed through a single console, delivering unmatched defence against malware and data loss for laptops, desktops and servers.

Today Symantec also released results from a third-party study of Symantec Endpoint Protection beta customers quantifying the operational efficiencies gained through the integrated, single agent endpoint security solution. The study, which was conducted by the Alchemy Group in August and September, highlights Symantec Endpoint Protection’s ability to significantly reduce the cost and complexity of securing endpoints in diverse business environments.

Highlights of the summary include:
• The ability to manage IT security operations from Symantec Endpoint Protection’s single management console has the potential to reduce the number of current management hours by an average of 75 percent. One customer expects to save 97 percent of the hours dedicated to weekly

Severity: Medium

11 September, 2007

Summary:

Today, Microsoft released a bulletin describing an important security vulnerability affecting MSN Messenger and Windows Live Messenger. By enticing one of your users into accepting a malicious webcam invite, an attacker could exploit this vulnerability to potentially gain complete control of that user’s computer. If you use MSN Messenger or Windows Live Messenger in your network, you should download, test, and deploy the latest version as soon as possible.

Exposure:

Microsoft’s security bulletin describes a vulnerability affecting MSN Messenger 6.2, 7.0, 7.5, and Windows Live Messenger 8.0. The flaw stems from a heap buffer overflow vulnerability in the code used to handle webcam and video chat sessions. We mentioned this vulnerability in an August Wire post, but Microsoft hadn’t patched it at that time. If an attacker can entice one of your users into accepting a specially crafted webcam invite, she can exploit this flaw to execute code on the user’s computer, with that user’s privileges. As always, if your users have local administrative privileges, attackers could exploit this vulnerability to gain complete control of their machines.

Solution Path

Microsoft has released new versions of MSN Messenger and Windows Live Messenger to fix this