Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - December 9, 2008

by Marianna Schmudlach / December 8, 2008 11:43 PM PST

Ubuntu update for compiz-fusion-plugins-main


Release Date: 2008-12-09

Critical:
Not critical
Impact: Security Bypass

Where: Local system
Solution Status: Vendor Patch


OS: Ubuntu Linux 7.10
Ubuntu Linux 8.04
Ubuntu Linux 8.10


Description:
Ubuntu has issued an update for compiz-fusion-plugins-main. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.

Solution:
Apply updated packages.

Original Advisory:
USN-688-1:
https://lists.ubuntu.com/archives/ubu...ty-announce/2008-December/000799.html

Other References:
SA33077:
http://secunia.com/advisories/33077/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - December 9, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - December 9, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Compiz Fusion Expo Plugin Security Bypass
by Marianna Schmudlach / December 8, 2008 11:44 PM PST

Release Date: 2008-12-09

Critical:
Not critical
Impact: Security Bypass

Where: Local system
Solution Status: Vendor Workaround


Software: Compiz Fusion 0.x

Description:
A security issue has been reported in Compiz Fusion, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.

The security issue is caused due to the Expo plugin allowing people to enter the expo mode while the screen is locked. This can be exploited to access a locked screen by e.g. using Expo plugin shortcuts and moving the screen locking window aside.

Successful exploitation may require that an "Expo button" shortcut is configured (not default).

Solution:
Fixed in the GIT repository.
http://gitweb.compiz-fusion.org/?p=fu...a9fa6f0ad578f674d1f248bd7bef90e3260e0

Provided and/or discovered by:
Reported in an Ubuntu bug by sagarp.

Original Advisory:
https://bugs.launchpad.net/ubuntu/+source/compiz-fusion-plugins-main/+bug/247088
https://bugzilla.gnome.org/show_bug.cgi?id=561567

Collapse -
Debian update for squirrelmail
by Marianna Schmudlach / December 8, 2008 11:46 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for squirrelmail. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.

Solution:
Apply updated packages.

Original Advisory:
DSA-1682-1:
http://lists.debian.org/debian-security-announce/2008/msg00274.html

Other References:
SA32143:
http://secunia.com/advisories/32143/

Collapse -
PhPepperShop Webshop Multiple Cross-Site Scripting Vulnerabi
by Marianna Schmudlach / December 8, 2008 11:46 PM PST

Release Date: 2008-12-09

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: PhPepperShop Webshop 1.x

Description:
Some vulnerabilities have been reported in PhPepperShop Webshop, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input appended to the URLs index.php/, shop/kontakt.php/, shop/Admin/shop_kunden_mgmt.php/ and shop/Admin/SHOP_KONFIGURATION.php/ is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

These vulnerabilities are reported in version 1.4. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
th3.r00k.ieatpork

Collapse -
Google Gears Cross-Site Scripting Weakness
by Marianna Schmudlach / December 8, 2008 11:47 PM PST

Release Date: 2008-12-09

Critical:
Not critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: Google Gears 0.x

Description:
Yair Amit has reported a weakness in Google Gears, which can be exploited by malicious people to conduct cross-site scripting attacks.

The weakness is caused due to the Google Gears engine improperly executing scripts loaded from remote sites. This can be exploited to execute arbitrary Google Gears script code in a user's browser session in context of a target domain hosting e.g. a malicious image.

Successful exploitation requires the ability to place files on the target domain.

The weakness is reported in versions prior to 0.5.4.2.

Solution:
Update to version 0.5.4.2 or later.
http://gears.google.com/

Provided and/or discovered by:
Yair Amit, IBM Rational Application Security

Original Advisory:
Google Gear:
http://code.google.com/apis/gears/upcoming/api_workerpool.html#cross_origin

Yair Amit:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-December/066291.html
http://blog.watchfire.com/wfblog/2008...cross-origin-communication-model.html

Collapse -
Debian update for streamripper
by Marianna Schmudlach / December 8, 2008 11:49 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for streamripper. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
DSA-1683-1:
http://lists.debian.org/debian-security-announce/2008/msg00275.html

Other References:
SA32562:
http://secunia.com/advisories/32562/

Collapse -
3CX Phone System "fName" and "fPassword" Cross-Site Scriptin
by Marianna Schmudlach / December 8, 2008 11:50 PM PST

Release Date: 2008-12-09

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: 3CX Phone System 6.x

Description:
Chris Castaldo has discovered some vulnerabilities in 3CX Phone System, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "fName" and "fPassword" form parameters in login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

These vulnerabilities are confirmed in 3CX Phone System Free Edition version 6.1793. Other versions may also be affected.

Solution:
Update to version 7.0.

Provided and/or discovered by:
Chris Castaldo

Collapse -
PunBB Cross-Site Scripting and SQL Injection Vulnerabilitie
by Marianna Schmudlach / December 8, 2008 11:51 PM PST

Release Date: 2008-12-09

Critical:
Not critical
Impact: Cross Site Scripting
Manipulation of data

Where: From remote
Solution Status: Vendor Patch


Software: PunBB 1.x

Description:
Some vulnerabilities have been reported in PunBB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Solution:
Update to version 1.3.2 or apply hotfixes.
http://punbb.informer.com/downloads.php#1.3.2

Provided and/or discovered by:
The vendor credits Stefan Esser.

Original Advisory:
http://punbb.informer.com/forums/topic/20475/punbb-132/

Collapse -
Aruba Mobility Controller EAP Frame Denial of Service
by Marianna Schmudlach / December 8, 2008 11:52 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: ArubaOS 2.4.x
ArubaOS 2.5.x
ArubaOS 3.1.x
ArubaOS 3.2.x
ArubaOS 3.3.x

Description:
A vulnerability has been reported in Aruba Mobility Controller, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when processing certain EAP frames. This can be exploited to e.g. repeatedly crash a process and block new clients from using EAP.

Note: When using wireless, this only affects devices running in WPA/WPA2 Enterprise modes.

The vulnerability is reported in ArubaOS 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x.

Solution:
Apply firmware patch.
http://www.arubanetworks.com/support

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.arubanetworks.com/support/alerts/aid-12808.asc

Collapse -
BMC PATROL Version Logging Format String Vulnerability
by Marianna Schmudlach / December 8, 2008 11:53 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: System access

Where: From local network
Solution Status: Vendor Patch


Software: BMC PATROL

Description:
A vulnerability has been reported in BMC PATROL, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a format string error when logging invalid versions. This can be exploited by sending a specially crafted packet to TCP port 3181.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in versions prior to 3.7.30.

Solution:
Update PATROL Agent to version 3.7.30. Please contact the vendor for more information.

Provided and/or discovered by:
Discovered by an anonymous person and reported via ZDI.

Original Advisory:
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-082/

Collapse -
Poll Pro "Password" SQL Injection Vulnerability
by Marianna Schmudlach / December 8, 2008 11:54 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Poll Pro 2.x



Description:
A vulnerability has been reported in Poll Pro, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "Password" parameter when logging in is not properly santised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 2.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
AlpHaNiX

Original Advisory:
http://milw0rm.com/exploits/7391

Collapse -
Microsoft SQL Server 2000 "sp_replwritetovarbin()" Buffer Ov
by Marianna Schmudlach / December 8, 2008 11:55 PM PST

Release Date: 2008-12-09

Critical:
Less critical
Impact: Privilege escalation

Where: From local network
Solution Status: Unpatched


Software: Microsoft SQL Server 2000

Description:
Bernhard Mueller has discovered a vulnerability in Microsoft SQL Server 2000, which can be exploited by malicious users to gain escalated privileges.

The vulnerability is caused due to a boundary error in the implementation of the "sp_replwritetovarbin()" SQL procedure. This can be exploited to cause a heap-based buffer overflow via specially crafted arguments passed to the affected procedure.

Successful exploitation may allow execution of arbitrary code with escalated privileges.

The vulnerability is confirmed in Microsoft SQL Server 2000 version 8.00.2050 and reported in version 8.00.2039. Other versions may also be affected.

Solution:
Restrict SQL access to trusted users only.

Provided and/or discovered by:
Bernhard Mueller, SEC Consult

Original Advisory:
SEC Consult:
http://www.sec-consult.com/files/2008...000-sp_replwritetovarbin_memwrite.txt

Collapse -
Security vulnerability found in MS SQL Server 2000

9 December 2008

A vulnerability has been found in Microsoft's SQL Server 2000 that would allow an attacker to remotely execute code in the server. According to security consultants SEC Consult, the cause of the problem is a bug in the program's memory management. By calling the extended stored procedure sp_replwritetovarbin and supplying several uninitialised variables as parameters, it is possible to trigger a memory write to a controlled location. The report claims the success of an attack depends on the version of Windows being used. SEC Consult says it has developed an exploit that has successfully executed arbitrary code on a lab machine.

More: http://www.heise-online.co.uk/security/Security-vulnerability-found-in-MS-SQL-Server-2000--/news/112202

Collapse -
w3blabor CMS Multiple Vulnerabilities
by Marianna Schmudlach / December 8, 2008 11:56 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: w3blabor CMS 3.x

Description:
DNX has discovered a vulnerability and a security issue in w3blabor CMS, which can be exploited by malicious people to compromise a vulnerable system and disclose sensitive information.

Solution:
Restrict access to the admin interface (e.g. via .htaccess).
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
DNX

Original Advisory:
http://milw0rm.com/exploits/7369

Collapse -
Professional Download Assistant SQL Injections and Database
by Marianna Schmudlach / December 8, 2008 11:57 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Professional Download Assistant 0.x

Description:
A security issue and some vulnerabilities have been discovered in Professional Download Assistant, which can be exploited by malicious people to disclose sensitive information and conduct SQL injection attacks.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
1) Ghost Hacker
2) ZoRLu

Original Advisory:
1) http://milw0rm.com/exploits/7371
2) http://milw0rm.com/exploits/7390

Collapse -
HP DECnet-Plus for OpenVMS Security Bypass
by Marianna Schmudlach / December 8, 2008 11:58 PM PST

Release Date: 2008-12-09

Critical:
Not critical
Impact: Security Bypass

Where: Local system
Solution Status: Vendor Patch


Software: HP DECnet-Plus for OpenVMS 8.x

Description:
A weakness has been reported in HP DECnet-Plus for OpenVMS, which can be exploited by malicious, local users to bypass certain security restrictions.

The weakness is caused due to the default user having read and write privileges (W:RWED) for the "OSIT$NAMES" logical name table. This can be exploited to modify the "OSIT$NAMES" table without having SYSNAM privileges.

Solution:
Update to DECnet-Plus V8.3 ECO03.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/AXP_DNVOSIECO03-V83.txt

Collapse -
QMail Mailing List Manager Database Disclosure
by Marianna Schmudlach / December 8, 2008 11:59 PM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: QMail Mailing List Manager 1.x

Description:
A security issue has been discovered in QMail Mailing List Manager, which can be exploited by malicious people to disclose sensitive information.

The security issue is caused due to the "database/qmail.mdb" database file being stored with insecure permissions inside the web root. This can be exploited to gain knowledge of sensitive information by downloading the file.

The security issue is confirmed in version 1.2. Other versions may also be affected.

Solution:
Restrict access to the database file.

Provided and/or discovered by:
Ghost Hacker

Original Advisory:
http://milw0rm.com/exploits/7376

Collapse -
eXPert PDF EditorX ActiveX Control "extractPagesToFile()" In
by Marianna Schmudlach / December 9, 2008 12:00 AM PST

Release Date: 2008-12-09

Critical:
Less critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: eXPert PDF EditorX ActiveX Control 1.x

Description:
Marco Torti has discovered a vulnerability in eXPert PDF EditorX ActiveX Control, which can be exploited by malicious people to overwrite arbitrary files.

The vulnerability is caused due to the VSPDFEditorX.VSPDFEdit ActiveX control (VSPDFEditorX.ocx) providing the insecure "extractPagesToFile()" method. This can be exploited to corrupt arbitrary files on the user's system.

This vulnerability is confirmed in version 1.0.200.0. Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Marco Torti

Original Advisory:
http://milw0rm.com/exploits/7358

Collapse -
WebCAF Multiple File Inclusion Vulnerabilities
by Marianna Schmudlach / December 9, 2008 12:01 AM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: WebCAF 1.x

Description:
Dun has discovered some vulnerabilities in WebCAF, which can be exploited by malicious people and users to disclose sensitive information

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
dun

Original Advisory:
http://milw0rm.com/exploits/7388

Collapse -
PHP 5.2.8 fixes withdrawn PHP 5.2.7
by Marianna Schmudlach / December 9, 2008 12:37 AM PST
Collapse -
Vulnerabilities in Linksys WVC54GC wireless network camera
by Marianna Schmudlach / December 9, 2008 12:39 AM PST

9 December 2008

US-CERT has posted notifications of two security vulnerabilities in the Linksys WVC54GC wireless network camera. US-CERT say that by delivering a specially crafted packet to the cameras UDP port 916, an attacker can make it respond with a packet that contains the majority of its system configuration, including details such as username, password, wireless ssid, WEP key, WEP password, WPA key, and DNS server. The camera is reported to send this information as an unencrypted packet over the network, which can allow an attacker access to these details and then use them to take control of the camera.

More: http://www.heise-online.co.uk/security/Vulnerabilities-in-Linksys-WVC54GC-wireless-network-camera--/news/112195

Collapse -
Google goes Native Client
by Marianna Schmudlach / December 9, 2008 12:40 AM PST

9 December 2008

A research project at Google aims to let x86 native code run in any web browser, safely, letting the code take full advantage of the local CPU power. The Native Client project aims to create a browser neutral way of running x86 code in web applications. The research is at an early stage and Google has gone public with Native Client to get feedback from the security and open source communities.

Native Client is composed of a browser plug-in and a GCC based compiler. The plug-in works with Firefox, Safari, Opera and Google Chrome. Linux, Mac OS X and Windows are all supported too, with only Internet Explorer being the exception. According to a blog posting from the development team versions of Native Client for ARM and PPC instruction sets are in development.

More: http://www.heise-online.co.uk/security/Google-goes-Native-Client--/news/112198

Collapse -
Microsoft Excel Multiple Vulnerabilities
by Marianna Schmudlach / December 9, 2008 3:45 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Excel 2007
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2007
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac

Description:
Some vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply patches.

Microsoft Excel 2000 SP3:
http://www.microsoft.com/downloads/de...=f39d2a49-f861-4f2d-bf91-94a8a85af40c

Microsoft Excel 2002 SP3:
http://www.microsoft.com/downloads/de...=72076e21-2aa3-48e8-883a-c3cb756fc72a

Microsoft Excel 2003 SP3:
http://www.microsoft.com/downloads/de...=6c0771e5-fcd4-4365-b903-1a3bd95d9e66

Microsoft Excel 2007:
http://www.microsoft.com/downloads/de...=68bb8d99-f28b-4efd-9314-3eee0bb00ccf

Microsoft Excel 2007 SP1:
http://www.microsoft.com/downloads/de...=68bb8d99-f28b-4efd-9314-3eee0bb00ccf

Microsoft Office Excel Viewer 2003:
http://www.microsoft.com/downloads/de...=4b3989ef-02b8-4bd2-b2ab-c3716079936e

Microsoft Office Excel Viewer 2003 SP3:
http://www.microsoft.com/downloads/de...=4b3989ef-02b8-4bd2-b2ab-c3716079936e

Microsoft Office Excel Viewer:
http://www.microsoft.com/downloads/de...=9dbb35c1-aa7a-481b-a330-8ba916ddd443

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats:
http://www.microsoft.com/downloads/de...=99cca4ed-f1f9-4cfd-a986-edbec82ced4f

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1:
http://www.microsoft.com/downloads/de...=99cca4ed-f1f9-4cfd-a986-edbec82ced4f

Microsoft Office 2004 for Mac:
http://www.microsoft.com/downloads/de...=ECA13AD8-62AE-41A8-B308-41E2D1773820

Microsoft Office 2008 for Mac:
http://www.microsoft.com/downloads/de...=AB31A564-43D2-45BD-98BF-19E9CA477B62

Open XML File Format Converter for Mac:
http://www.microsoft.com/downloads/de...=EDB6CD8F-832C-4123-8982-AC0C601EA0A7

Provided and/or discovered by:
1) Dyon Balding, Secunia Research
2) The vendor credits Joshua J. Drake, VeriSign iDefense Labs.
3) The vendor credits Claes M Nyberg, signedness.org.

Original Advisory:
MS08-074 (KB959070):
http://www.microsoft.com/technet/security/Bulletin/MS08-074.mspx

Secunia Research:
http://secunia.com/secunia_research/2008-36/

http://secunia.com/advisories/31593/

Collapse -
Microsoft Office Word Multiple Vulnerabilities
by Marianna Schmudlach / December 9, 2008 3:46 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Word 2007
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac
Microsoft Outlook 2007
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003
Microsoft Works 8.x


Description:
Multiple vulnerabilities have been reported in Microsoft Office Word, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply patches.

Microsoft Office Word 2000 SP3:
http://www.microsoft.com/downloads/de...=43e8c4d8-307b-48f6-ac99-a9617421d40a

Microsoft Office Word 2002 SP3:
http://www.microsoft.com/downloads/de...=3ef41412-50b3-4077-b0e3-9a3704d2f876

Microsoft Office Word 2003 SP3:
http://www.microsoft.com/downloads/de...=45c81c60-4b1b-4246-839b-198ebc4eeae2

Microsoft Office Word 2007:
http://www.microsoft.com/downloads/de...=5b51cb5e-3899-4257-82cf-7e92fa619c37

Microsoft Office Outlook 2007:
http://www.microsoft.com/downloads/de...=5b51cb5e-3899-4257-82cf-7e92fa619c37

Microsoft Office Word 2007 SP1:
http://www.microsoft.com/downloads/de...=5b51cb5e-3899-4257-82cf-7e92fa619c37

Microsoft Office Outlook 2007 SP1:
http://www.microsoft.com/downloads/de...=5b51cb5e-3899-4257-82cf-7e92fa619c37

Microsoft Office Word Viewer 2003:
http://www.microsoft.com/downloads/de...=70de7c3c-519f-4f4a-a03f-027f80b5415c

Microsoft Office Word Viewer 2003 SP3:
http://www.microsoft.com/downloads/de...=70de7c3c-519f-4f4a-a03f-027f80b5415c

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats:
http://www.microsoft.com/downloads/de...=55430121-4476-48b8-9f6f-4a60fa0b2970

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1:
http://www.microsoft.com/downloads/de...=55430121-4476-48b8-9f6f-4a60fa0b2970

Microsoft Works 8 (requires update to Works 8.5):
http://www.microsoft.com/downloads/de...=1537d181-90d9-4bb5-b5ae-8d9990a349af

Microsoft Office 2004 for Mac:
http://www.microsoft.com/downloads/de...=ECA13AD8-62AE-41A8-B308-41E2D1773820

Microsoft Office 2008 for Mac:
http://www.microsoft.com/downloads/de...=AB31A564-43D2-45BD-98BF-19E9CA477B62

Open XML File Format Converter for Mac:
http://www.microsoft.com/downloads/de...=EDB6CD8F-832C-4123-8982-AC0C601EA0A7

Provided and/or discovered by:
1) The vendor credits Ricardo Narvaja, Core Security Technologies.
2) Dyon Balding, Secunia Research.
3) The vendor credits Yamata Li, Palo Alto Networks.
4) The vendor credits Wushi via ZDI.
5) The vendor credits Aaron Portnoy, TippingPoint DVLabs.
6) The vendor credits Wushi of team509 via ZDI.
7) The vendor credits Aaron Portnoy, TippingPoint DVLabs.
Cool The vendor credits Wushi and Ling via ZDI.

Original Advisory:
MS08-072 (KB957173):
http://www.microsoft.com/technet/security/Bulletin/MS08-072.mspx

Secunia Research:
http://secunia.com/secunia_research/2008-21/


http://secunia.com/advisories/30285/

Collapse -
December Black Tuesday Overview
by Marianna Schmudlach / December 9, 2008 5:06 AM PST

Published: 2008-12-09,
Last Updated: 2008-12-09 20:36:04 UTC
by Swa Frantzen

Overview of the December 2008 Microsoft patches and their status.

More: http://isc.sans.org/

Collapse -
Microsoft Office SharePoint Server Security Bypass Vulnerabi
by Marianna Schmudlach / December 9, 2008 5:07 AM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: Security Bypass

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Office SharePoint Server 2007
Microsoft Search Server 2008



Description:
A vulnerability has been reported in Microsoft Office SharePoint Server, which can be exploited by malicious people to bypass certain security restrictions.

SharePoint Server does not properly restrict access to administrative portions of the application. This can be exploited to bypass certain security restrictions by using a web browser to directly access the vulnerable administrative functionality.

Solution:
Apply patches.

Microsoft Office SharePoint Server 2007 (32-bit editions):
http://www.microsoft.com/downloads/de...=f8f73997-6f4c-4b43-aa50-5c8276e83d3e

Microsoft Office SharePoint Server 2007 SP 1 (32-bit editions):
http://www.microsoft.com/downloads/de...=f8f73997-6f4c-4b43-aa50-5c8276e83d3e

Microsoft Office SharePoint Server 2007 (64-bit editions):
http://www.microsoft.com/downloads/de...=a7fda284-273c-42ab-8188-433beaacca86

Microsoft Office SharePoint Server 2007 SP1 (64-bit editions):
http://www.microsoft.com/downloads/de...=a7fda284-273c-42ab-8188-433beaacca86

Microsoft Search Server 2008 (32-bit editions):
http://www.microsoft.com/downloads/de...=f8f73997-6f4c-4b43-aa50-5c8276e83d3e

Microsoft Search Server 2008 (64-bit editions):
http://www.microsoft.com/downloads/de...=a7fda284-273c-42ab-8188-433beaacca86

Provided and/or discovered by:
Reported by an anonymous person.

Original Advisory:
MS08-077 (KB957175):
http://www.microsoft.com/technet/security/Bulletin/MS08-077.mspx

http://secunia.com/advisories/33063/

Collapse -
Microsoft Windows Media Products Two Vulnerabilities
by Marianna Schmudlach / December 9, 2008 5:09 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: Security Bypass
Exposure of sensitive information
System access

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Windows Media Format Runtime 11.x
Microsoft Windows Media Format Runtime 7.x
Microsoft Windows Media Format Runtime 9.x
Microsoft Windows Media Player 6.x
Microsoft Windows Media Services 2008
Microsoft Windows Media Services 4.x
Microsoft Windows Media Services 9.x

Description:
Two vulnerabilities have been reported in several Microsoft Windows Media products, which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system.

Solution:
Apply patches.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
MS08-076 (KB959807):
http://www.microsoft.com/technet/security/Bulletin/MS08-076.mspx

http://secunia.com/advisories/33058/

Collapse -
Microsoft Windows Explorer Search Handling Vulnerabilities
by Marianna Schmudlach / December 9, 2008 5:10 AM PST

Release Date: 2008-12-09

Critical:
Moderately critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


OS: Microsoft Windows Server 2008
Microsoft Windows Vista



Description:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to potentially compromise a vulnerable system.

Solution:
Apply patches.

Windows Vista and Windows Vista SP1 (KB958623):
http://www.microsoft.com/downloads/de...=0DCC5373-0435-42D5-864D-298E5BB122D9

Windows Vista and Windows Vista SP1 (KB958624):
http://www.microsoft.com/downloads/de...=5B1B65F0-6848-47C6-BDD5-BE3C0621B323

Windows Vista x64 Edition and Windows Vista x64 Edition SP1 (KB958623):
http://www.microsoft.com/downloads/de...=2112C5C8-7C9F-4491-B127-B1093085E105

Windows Vista x64 Edition and Windows Vista x64 Edition SP1 (KB958624):
http://www.microsoft.com/downloads/de...=EB1D0FFE-1644-457B-9E82-768BD4C7F7AB

Windows Server 2008 for 32-bit Systems (KB958623):
http://www.microsoft.com/downloads/de...=90AB7E6F-5AE7-4F55-8838-868FC98D8A16

Windows Server 2008 for 32-bit Systems (KB958624):
http://www.microsoft.com/downloads/de...=470D506F-77AE-4A44-8598-DF645F484295

Windows Server 2008 for x64-based Systems (KB958623):
http://www.microsoft.com/downloads/de...=E1DEAB57-ADA2-4B12-9157-5615E7B0071D

Windows Server 2008 for x64-based Systems (KB958624):
http://www.microsoft.com/downloads/de...=E41F23E4-6A2F-4EBB-B425-D241A08DA316

Windows Server 2008 for Itanium-based Systems (KB958623):
http://www.microsoft.com/downloads/de...=48BED90D-C243-4969-8E54-326D9A7AF343

Windows Server 2008 for Itanium-based Systems (KB958624):
http://www.microsoft.com/downloads/de...=83DE2263-DE2A-4C13-96BA-ECFEBDAF0BB9

Provided and/or discovered by:
1) The vendor credits Andre Protas, eEye Digital Security.
2) The vendor credits Nate McFeters.

Original Advisory:
MS08-075 (KB959349):
http://www.microsoft.com/technet/security/Bulletin/MS08-075.mspx

http://secunia.com/advisories/33053/

Collapse -
Microsoft Internet Explorer Multiple Vulnerabilities
by Marianna Schmudlach / December 9, 2008 5:12 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x

Description:
Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits:
1) Carlo Di Dato (aka shinnai)
2) Brett Moore via ZDI
3) Chris Weber, Casaba Security.
4) Jun Mao, Verisign iDefense Labs.

Original Advisory:
MS08-073 (KB958215):
http://www.microsoft.com/technet/security/Bulletin/MS08-073.mspx

http://secunia.com/advisories/33035/

Collapse -
Microsoft Visual Basic ActiveX Controls Multiple Vulnerabili
by Marianna Schmudlach / December 9, 2008 5:15 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: Microsoft Frontpage 2002
Microsoft Office Project 2007
Microsoft Project 2003
Microsoft Visual Basic 6.x
Microsoft Visual FoxPro 6.x
Microsoft Visual FoxPro 8.x
Microsoft Visual FoxPro 9.x
Microsoft Visual Studio .NET 2002
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 6 Enterprise
Microsoft Visual Studio 6 Professional
Microsoft Visual Studio 6 Standard

Description:
Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply patches.

Microsoft Visual Basic 6.0 Runtime Extended Files:
http://www.microsoft.com/downloads/de...=E27EEBCB-095D-43EC-A19E-4A46E591715C

Microsoft Visual Studio .NET 2002 SP1:
http://www.microsoft.com/downloads/de...=AFAD980D-7F27-49D9-AA23-B762C7B94CD6

Microsoft Visual Studio .NET 2003 SP1:
http://www.microsoft.com/downloads/de...=6AC7CF8F-D046-43A8-B4EF-253153D65AED

Microsoft Visual FoxPro 8.0 SP1:
http://www.microsoft.com/downloads/de...=A6977F81-F7F6-486B-96AD-8D296D79F205

Microsoft Visual FoxPro 9.0 SP1:
http://www.microsoft.com/downloads/de...=386D27A6-B2C7-4ACC-BF3E-EDCBC7358172

Microsoft Visual FoxPro 9.0 SP2:
http://www.microsoft.com/downloads/de...=5B1F28A9-DA8D-463A-8AE4-DFC8FCC6C41A

Microsoft Office FrontPage 2002 SP3 (only Chinese Simplified (China), Chinese Pan (Hong Kong), Chinese Traditional (Taiwan), and Korean):
http://www.microsoft.com/downloads/de...=0a6130ae-c5b4-43cb-afe3-ab6a55b9d9ea

Microsoft Office Project 2003 SP3:
http://www.microsoft.com/downloads/de...=89a44042-a629-40f3-800a-0bb45fc36591

Microsoft Office Project 2007:
http://www.microsoft.com/downloads/de...=2fbf6a5b-ff35-4a2d-9fa0-4e62b6486fe6

Microsoft Office Project 2007 SP1:
http://www.microsoft.com/downloads/de...=2fbf6a5b-ff35-4a2d-9fa0-4e62b6486fe6

Provided and/or discovered by:
1, 2) The vendor credits ADLab of VenusTech.

3) Carsten Eiram, Secunia Research.
The vendor also credits ADLab of VenusTech and Jason Medeiros, Affiliated Computer Services for reported some/all of the issues in #3.

4) The vendor credits:
* Mark Dowd via McAfee Avert Labs.
* Brett Moore, Insomnia Security.
* CHkr_D591 via ZDI.

5) The vendor credits Michal Bucko via CERT/CC.

Original Advisory:
Secunia Research:
http://secunia.com/secunia_research/2007-72/

MS08-070 (KB932349):
http://www.microsoft.com/technet/security/Bulletin/MS08-070.mspx

http://secunia.com/advisories/26534/

Collapse -
Microsoft Windows GDI Image Parsing Vulnerabilities
by Marianna Schmudlach / December 9, 2008 5:17 AM PST

Release Date: 2008-12-09

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


OS: Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional



Description:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to potentially compromise a vulnerable system.

Solution:
Apply patches.

Provided and/or discovered by:
1) The vendor credits Jun Mao, VeriSign iDefense Labs.
2) The vendor credits Juan Caballero.

Original Advisory:
MS08-071 (KB956802):
http://www.microsoft.com/technet/security/Bulletin/MS08-071.mspx

http://secunia.com/advisories/33020/

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.