
SANS ISC: InfoSec Handlers Diary Blog - Microsoft Snapshot Viewer Security Advisory



Microsoft Snapshot Viewer Security Advisory

Published: 2008-07-07
Last Updated: 2008-07-07 19:13:32 UTC
by Scott Fendley (Version: 1)

Earlier today Microsoft released a Security Advisory which discusses a
remote code execution vulnerability in the ActiveX control for Snapshot
Viewer. The Snapshot Viewer ActiveX control enables the user to view an
Access report snapshot without having the standard or run-time version of
Microsoft Access. This ActiveX control is shipped with all versions of
Microsoft Access with the exception of Access 2007.

As this is a remote code execution issue, an attacker would be able to
run any code of their choosing with the same user rights as the logged-on
user. Users running with reduced privileges therefore have a more limited
risk than those running with full administrator access.

Microsoft's advisory has several recommendations on how to set a kill bit.
As tomorrow is the normally scheduled Patch Tuesday, it is unlikely that an
appropriate update for the ActiveX control or a kill bit update will be
released. With that in mind, it is recommended that appropriate steps
be taken using group policy at the same time that you roll out the updates
to your environment.
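
A local check for the kill bit mitigation mentioned above, as an added example that is not from this diary or from Microsoft's advisory. It audits (and with `-Apply` sets) the 0x400 bit of the `Compatibility Flags` value under the Internet Explorer `ActiveX Compatibility` key in both registry views; the CLSID shown is a placeholder, so substitute the CLSIDs listed in the advisory.

```powershell
param([switch]$Apply)   # audit only by default; pass -Apply to set missing kill bits

# PLACEHOLDER CLSID (constructed): replace with the CLSIDs listed in the advisory.
$Clsids  = @('{00000000-0000-0000-0000-000000000000}')
$KillBit = 0x400        # bit in "Compatibility Flags" that blocks instantiation in IE
$Roots   = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    # 32-bit view, used by 32-bit Internet Explorer on 64-bit Windows
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

# Return the current flags for a CLSID key, or 0 if the key or value is absent.
function Get-CompatFlags([string]$Key) {
    $p = Get-ItemProperty -LiteralPath $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [int]$p.'Compatibility Flags'
}

foreach ($root in $Roots) {
    # Skip a view whose Internet Explorer key is absent (Wow6432Node on 32-bit Windows).
    if (-not (Test-Path -LiteralPath (Split-Path $root -Parent))) { continue }
    foreach ($clsid in $Clsids) {
        $key   = Join-Path $root $clsid
        $flags = Get-CompatFlags $key
        $set   = ($flags -band $KillBit) -ne 0
        if (-not $set -and $Apply) {
            if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
            # OR the bit in so other compatibility flags on the key are preserved.
            New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                -PropertyType DWord -Value ($flags -bor $KillBit) -Force | Out-Null
            # Re-read the value so the report reflects what is actually in the registry.
            $set = ((Get-CompatFlags $key) -band $KillBit) -ne 0
        }
        [pscustomobject]@{
            Key         = $key
            FlagsBefore = ('0x{0:X8}' -f $flags)
            KillBitSet  = $set
        }
    }
}
```

Writing under HKLM requires an elevated session; the audit-only run does not.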

For more information on the vulnerability, please see MS Security Advisory
955179 at http://www.microsoft.com/TechNet/security/advisory/955179.mspx
