[ISN] Microsoft To Issue Seven Security Patches On Tuesday

From: InfoSec News (alerts@private)
Date: Thu May 03 2007 - 23:21:43 PDT


http://www.informationweek.com/news/showArticle.jhtml?articleID=199203705

By Larry Greenemeier
InformationWeek
May 3, 2007 

Microsoft customers can look forward to seven security bulletins, some 
of them critical, affecting Windows, Office, and Exchange as well as 
Capicom and BizTalk as part of next week's Patch Tuesday ritual. 
Microsoft said Thursday that next week it will also provide an update to 
its Windows Malicious Software Removal Tool. In addition, the company is 
planning to release one high-priority non-security update on Windows 
Update as well as six high-priority non-security updates through 
Microsoft Update.

Three security bulletins slated for Patch Tuesday affect Office, while 
two affect Windows. Exchange is affected by one bulletin as is Microsoft 
BizTalk business process management server and Capicom, a Microsoft 
ActiveX control that can be used to enable the digital signing of data 
with a smart card or software key, the verification of digitally signed 
data, and the graphical display of certificate information, among other 
security functions.

The patches related to Microsoft Office should prove the most 
interesting of an otherwise routine Patch Tuesday experience, says 
Johannes Ullrich, chief research officer at the SANS Institute and chief 
technology officer for the Internet Storm Center. While BizTalk affects 
relatively few Microsoft customers, it's an important system and those 
using it will have a keen interest in that patch.

Microsoft also says it hasn't discovered any new information pertaining 
to mid-April reports of an attack exploiting a vulnerability in the 
Domain Name System Server Service in Microsoft Windows 2000 Server 
Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 
2003 Service Pack 2. Microsoft has thus far learned that the attempts to 
exploit this vulnerability could allow an attacker to run code in the 
security context of the Domain Name System Server Service. The company 
had a few weeks ago been seeing new attacks by the Win32/Siveras bot 
family to exploit the vulnerability. Windows Live Safety Scanner and 
Windows Live OneCare can be used to detect currently known malware types 
trying to exploit the vulnerability.

The Windows DNS Server's problem has been ongoing and centers on a flaw 
that leaves the system exposed to buffer overflows and a problem with 
the system's design that doesn't require users to authenticate before 
being given permission to make changes to DNS server information. 
Ullrich says. "Disabling this feature is a fairly solid workaround, 
although it also disables some of the system's management features."


__________________________
Subscribe to InfoSec News
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Thu May 03 2007 - 23:37:17 PDT