Microsoft and Buffer-Overflows

On September 14th Microsoft posted a news release regarding vulnerabilities to virus creators. Like with other software we had previously discussed in this column (Winamp or YIM) the flaws are related to buffer-overflows (again!), which this time seem to hit all (recent) versions of MS Office, Windows XP, Server 2003 and other software products by Microsoft. Again, users are being tricked into opening a certain document and/or image prepared by the intruder, which allows him to run code on that specific workstation. But this is not were the threat stops. If the targeted user has administrative privileges on this system, the attacker could possibly gain access and control over the whole network. 

Most likely extensions of the virus-infected documents are:

• .doc (to make it appear as a Word document)

• .wpd (WordPerfect Document)

• .wp5 (WordPerfect 5 extension)

How to correct these issues? This time Microsoft was acting in a timely manner and shortly after the bulletin was released offered security patches: 

MS04-027: Buffer Overflow in WordPerfect 5.x Converter

• MS Office 2000 (or Works Suite 2001)
• MS Office XP (or Works Suite 2002, 2003 and 2004)
• MS Office 2003

MS04-028: Buffer Overflow in JPEG Image Processor

• Win XP w/SP1 (SP2 unaffected)
• Win XP 64-bit Edition w/SP1
• Win XP 64-bit 2003 Edition
• Win Server 2003
• Win Server 2003 64-bit Edition
• MS Office XP (2002)
• MS Office 2003
• MS Project 2002
• MS Project 2003
• MS Visio 2002
• MS Visio 2003
• MS Visual Studio .NET 2002
• MS Visual Studio .NET 2003
• MS .NET Framework v1.0 SDK
• MS Picture It!, Microsoft Greetings 2002, Microsoft Digital Image Pro and Suite
• MS Producer (a PowerPoint 2003 add-in)
• MS Platform SDK Redistributable: GDI+

Until next time! Surf safe!

Copyright © 2004