SANS ISC: InfoSec Handlers Diary Blog - Microsoft Security Advisory 2719615 - MSXML - CVE-2012-1889

• SANS Site Network
  • Current Site
  • Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

InfoSec Handlers Diary Blog

Several readers mentioned that Microsoft today issued a Security advisory regarding Microsoft XML Core Services (MSXML). This is in response to active exploitation.

The issues affects Office 2003 and 2007 on all versions of windows. All a user has to do to fall victim is visit the wrong website using IE. 

Microsoft has issued a fixit for it in the form of an msi file (see the KB 2719615 link below)

Alternative strategies would be to use browsers that do not support ActiveX, or disable the support in IE.

Links:

• http://technet.microsoft.com/en-us/security/advisory/2719615
• http://support.microsoft.com/kb/2719615
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1889

--
Swa Frantzen -- Section 66