Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - MS released two OOB bulletins and an advisory InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MS released two OOB bulletins and an advisory

Published: 2009-07-28
Last Updated: 2011-01-24 23:56:59 UTC
by Adrien de Beaupre (Version: 2)
0 comment(s)

Microsoft has released two Out of Band (OOB) bulletins and one advisory. The security advisory (973882) relates to issues discovered in Microsoft’s Active Template Library (ATL), which is included in Visual Studio. The first bulletin (MS09-035) describes how ATL is used, and some of the code within it that can lead to memory corruption information disclosure, and creation of object instances disregarding set security policy. A number of third party software packages will also have to be updated to reflect this change. The second bulletin (MS09-034) is a defense in depth mitigation for potential bypass of ActiveX killbits, commonly used to mitigate other vulnerabilities. Apply this patch ASAP. The impact of a user viewing an evil web page is arbitrary code execution. Related CVE entries are:

ATL Uninitialized Object Vulnerability - CVE-2009-0901
ATL COM Initialization Vulnerability - CVE-2009-2493
ATL Null String Vulnerability - CVE-2009-2495

Memory Corruption Vulnerability - CVE-2009-1917
HTML Objects Memory Corruption Vulnerability - CVE-2009-1918
Uninitialized Memory Corruption Vulnerability - CVE-2009-1919

Microsoft's investigation into MSvidctrl(MS09-032) apparently found the underlying issue in the ATL library, which is addressed in the bulletin and patches. More information will be available tomorrow at BlackHat . Here is a teaser advanced preview of the IE ActiveX killbit bypass being presented tomorrow:

Microsoft had provided advance notification of these releases 24 July 2009. We covered it here.


Adrien de Beaupré Inc.

0 comment(s)
Diary Archives