Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Microsoft vulnerabilities not fixed
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Microsoft vulnerabilities not fixed
Secunia Advisory: SA7579
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2002-11-22
Last Update: 2002-11-27
Popularity: 17,355 views

Critical:
Moderately critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

Software:Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.x
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 97
Microsoft Outlook 98
Microsoft Outlook Express 5
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6
Subscribe: Instant alerts on relevant vulnerabilities


Description:
Microsoft issued two advisories on 20th November 2002. It appears however that the vulnerabilities STILL exist to a certain extent.

MS02-065 regarding vulnerabilities RDS / MDAC
Microsoft has stated that the previous version of MDAC may be reactivated by an attacker, the reason is that the Kill Bit has not been set. This allows an old component to be reactivated - without any warning, thus the vulnerability may still be exploited.

MS02-066 regarding a cumulative patch which closed numerous vulnerabilities. This should apparently have fixed the issue which allowed malicious websites to execute executable files in the local security zone. This is however still possible, what has been closed is another vulnerability which made it possible to pass arguments to the executable file.
It is also still possible to read contents of the clipboard as well as writing new contents to it.
Microsoft has known about these vulnerabilities at least since 22nd October 2002

Solution:
Outlook and Outlook Express are not vulnerable IF you have deployed "Outlook Email Security Update" or run Outlook 2002 or Outlook Express 6.
Outlook Email Security Update:
http://office.microsoft.com/Downloads/2000/Out2ksec.aspx

Internet Explorer 5.0, 5.5 and 6 are affected by MS02-065
The Microsoft Bulletin MS02-065 states that the user should:
Remove all trusted publishers, including Microsoft.
This however will prompt the user for an accept every time a page tries to download an ActiveX component, the user then needs to verify the certificate chain manually. While this solution works and is good security practice, it may become annoying to some users and other users may not have the knowledge required to manually verify a certificate chain.
The trusted publishers in Internet Explorer may be removed under "Tools">"Internet Options">"Content tab">"Certificates">"Publishers" in this dialog click "Trusted Publishers", then remove each certificate.

Internet Explorer 5.5 and 6 are affected by the vulnerabilities not fixed in MS02-66
The only safe workaround is to disable "Active Scripting" in the "Internet Zone" and add trusted sites which requires Active Scripting to the "Trusted sites" zone. While this works, many users may be annoyed by this.

We expect Microsoft to publish revised bulletins soon. In the meanwhile you need to consider taking other measures to secure your network. Secunia find it likely that these vulnerabilities will be exploited on a broad scale soon.

Other protective measures could be to use alternate browsers and/or install a proxy server which allows you to filter malicious javascript, ActiveX components and other content / file types which could pose a risk to your network.

Changelog:
25/11-2002 Microsoft has revised MS02-066 with information regarding how to stop websites from executing files using HTML Help:
http://support.microsoft.com?kbid=810687

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 20
New vulnerabilities: 81
Updated advisories: 34

Less // 109 views
Novell Netware ApacheAdmin Console Security Bypass
Moderately // 103 views
Webboard Street SQL Injection and Information Disclosure
Moderately // 128 views
Null FTP Server "SITE" Parameters Command Injection Vulnerability
Moderately // 110 views
User Engine Lite ASP Database Disclosure
Moderately // 120 views
Merlix Template Creature "mcatid" SQL Injection Vulnerability
Highly // 145 views
CcTiddly Multiple File Inclusion Vulnerabilities
Not // 217 views
Tor Two Weaknesses
Moderately // 163 views
Tribiq CMS "cID" SQL Injection Vulnerability
Highly // 165 views
Gravity GTD File Inclusion and PHP Code Injection
Highly // 281 views
Trillian Multiple Vulnerabilities

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 361 views
2. Adobe Flash Player Multiple Security Issues and Vulnerabilities // 143 views
3. Null FTP Server "SITE" Parameters Command Injection Vulnerability // 115 views
4. User Engine Lite ASP Database Disclosure // 98 views
5. Webboard Street SQL Injection and Information Disclosure // 85 views
6. Novell Netware ApacheAdmin Console Security Bypass // 81 views
7. Tor Two Weaknesses // 74 views
8. Trillian Multiple Vulnerabilities // 67 views
9. Merlix Template Creature "mcatid" SQL Injection Vulnerability // 54 views
10. CcTiddly Multiple File Inclusion Vulnerabilities // 50 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008