For October’s Patch Tuesday, Microsoft released 10 security bulletins, six of which it’s rated as critical. (The remaining four updates address two moderate threats, one important threat, and one low threat.) In addition, several of the bulletins affect Office applications for the Mac.
Details

Redmond released 10 security bulletins for October’s Patch Tuesday, rating six as critical. Due to space constraints, I’ll review the critical updates this week, and I’ll wrap up this month’s Patch Tuesday coverage with the rest in the next issue.

Keep in mind that attackers are actively exploiting some of these threats, so make sure to examine each update on a case-by-case basis. To learn about specific workarounds and mitigating factors, read each security bulletin in detail.

Fortunately for managers and “patch masters,” most of these threats are only critical for older platforms and applications—a fact that greatly reduces the impact of these critical patch warnings. In most cases, Microsoft Baseline Security Analyzer (MBSA) 2.0 or Systems Management Server (SMS) 2003 will identify the need for a patch, but earlier versions may not work properly. However, MBSA 2.0 and SMS 2003 may not work in some instances, particularly for Macintosh platforms and Office 2000.

Best online Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

MS06-057

Microsoft Security Bulletin MS06-057, titled as both “Vulnerability in Windows Shell Could Allow Remote Code Execution” and “Vulnerability in Windows Explorer Could Allow Remote Execution,” addresses the Windows Shell Remote Code Execution Vulnerability (CVE-2006-3730). There have been reports that attackers are actively exploiting this vulnerability.

This is a critical threat for Windows 2000 Service Pack 4 and all versions of Windows XP; it is a moderate threat for all versions of Windows Server 2003. This bulletin replaces Microsoft Security Bulletin MS06-045 for Windows XP SP1 only.

Possible workarounds include patching the registry, disabling ActiveX controls, and altering Internet Explorer security zones—all of which can have serious side effects. See the security bulletin for more details.
MS06-058

Microsoft Security Bulletin MS06-058, “Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution,” addresses four separate problems:

* PowerPoint Malformed Object Pointer Vulnerability (CVE-2006-3435)
* PowerPoint Malformed Data Record Vulnerability (CVE-2006-3876)
* PowerPoint Malformed Record Memory Corruption Vulnerability (CVE-2006-3877)
* PowerPoint Malformed Record Vulnerability (CVE-2006-4694)—attackers are actively exploiting this vulnerability.

This is a critical threat for PowerPoint 2000; it is an important threat for PowerPoint 2002, PowerPoint 2003, PowerPoint 2004 for Mac, and PowerPoint v.X for Mac. This bulletin replaces Microsoft Security Bulletin MS06-028 for all affected versions.

See the security bulletin to learn about possible workarounds and mitigating factors, which are numerous.
MS06-059

Microsoft Security Bulletin MS06-059, “Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution,” is another threat that affects both Windows and Macintosh platforms and addresses multiple vulnerabilities:

* Excel Malformed DATETIME Record Vulnerability (CVE-2006-2387)
* Excel Malformed STYLE Record Vulnerability (CVE-2006-3431)
* Excel Handling of Lotus 1-2-3 File Vulnerability (CVE-2006-3867)
* Excel Malformed COLINFO Record Vulnerability (CVE-2006-3875)

While both the Lotus 1-2-3 and STYLE Record vulnerabilities were publicly disclosed threats, there were no reports of active exploits at the time of publication.

This collective group poses a critical threat for Excel 2000; it’s an important threat for Excel 2002, Excel 2003, Excel Viewer 2003, Excel 2004 for Mac, and Excel v.X for Mac. This bulletin replaces Microsoft Security Bulletin MS06-037 for all affected versions.
MS06-060

Microsoft Security Bulletin MS06-060, “Vulnerabilities in Microsoft Word Could Allow Remote Code Execution,” is another threat that affects both Windows and Macintosh platforms and addresses multiple vulnerabilities:

* Microsoft Word Vulnerability (CVE-2006-3647)
* Microsoft Word Mail Merge Vulnerability (CVE-2006-3651)
* Microsoft Word Malformed Stack Vulnerability (CVE-2006-4534)
* Microsoft Word for Mac Vulnerability (CVE-2006-4693)

This collective group poses a critical threat for Word 2000; it’s an important threat for Word 2002, Word 2003, Word 2003 Viewer, Word 2004 for Mac, and Word v.X for Mac. This bulletin replaces Microsoft Security Bulletin MS06-027 for Word 2000, Word 2002, Word 2003, and Word 2003 Viewer. These are newly disclosed threats, and there had been no reports of active exploits at the time of publication.
MS06-061

Microsoft Security Bulletin MS06-061, “Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution,” addresses two separate threats:

* Microsoft XML Core Services Vulnerability (CVE-2006-4685)
* XSLT Buffer Overrun Vulnerability (CVE-2006-4686)

This bulletin affects Windows 2000 SP4, all versions of Windows XP, all versions of Windows Server 2003, Office 2003 SP1, Office 2003 SP2, Microsoft XML Core Services 4.0, and Microsoft XML Core Services 6.0. While the XML Core Services Vulnerability poses an important to low threat—depending on the version—the XSLT Buffer Overrun Vulnerability is a critical threat, so the collective rating is critical for all affected versions.

These are newly disclosed threats, and there had been no reports of active exploits at the time of publication.

Note: While Microsoft updated the bulletin to remove a mistaken update note, this bulletin doesn’t replace any prior security patches.
MS06-062

Microsoft Security Bulletin MS06-062, “Vulnerabilities in Microsoft Office Could Allow Remote Code Execution,” addresses four separate threats:

* Office Improper Memory Access Vulnerability (CVE-2006-3434)
* Office Malformed Chart Record Vulnerability (CVE-2006-3650)
* Office Malformed Record Memory Corruption Vulnerability (CVE-2006-3864)
* Microsoft Office Smart Tag Parsing Vulnerability (CVE-2006-3868)

This bulletin affects Office 2000 SP3, Office XP SP3, Office 2003 SP1, Office 2003 SP2, Office 2004 for Mac, and Office v.X for Mac. It also affects Project 2000 Service Release 1, Project 2002 SP1, and Visio 2002 SP2. It is a critical threat for Office 2000, and it’s an important threat for all remaining versions.

This bulletin replaces Microsoft Security Bulletin MS06-048 for all affected versions. Microsoft has updated the security bulletin itself to V1.1 to clarify some details.

The Microsoft Office Smart Tag Parsing vulnerability was the only publicly disclosed threat, but there had been no reports of active exploits at the time of publication.
Final word

And if six critical patches aren’t enough, don’t forget that Microsoft also recently released a critical patch out of sequence—Microsoft Security Bulletin MS06-055 for XML problems. Yes, folks, these critical threats are the ones Redmond felt could wait for the regular scheduled Patch Tuesday! Tune in next week for details on the remaining security bulletins.
Miss a column?

Check out the IT Locksmith Archive, and catch up on the most recent editions of John McCormick’s column.

Want to stay on top of the latest security updates? Automatically sign up for our free IT Locksmith newsletter, delivered each Tuesday!

John McCormick is a security consultant and well-known author in the field of IT, with more than 17,000 published articles. He has written the IT Locksmith column for TechRepublic for more than four years.

Click to rate this post!
[Total: 0 Average: 0]
News Reporter

Leave a Reply

Your email address will not be published. Required fields are marked *