Login   |   Secure Purdue > News

Vulnerability updates: MS Office, Tomcat, and Internet Explorer

MS OFFICE

A new vulnerability has been discovered in the MS Office suite that has been deemed "Extremely Critical" by Secunia. Successful exploitation, which can happen if a user has MS Office installed and uses Internet Explorer to browse to a malicious page, can allow the attacker to execute arbitrary code on the user's system with the same privileges as the user. This vulnerability has been reported as a 0-day and as of July 13th, 2009 is unpatched. Mitigation techniques are outline in the Microsoft Security Bulletin at the following URL:

http://www.microsoft.com/technet/security/advisory/973472.mspx

The Secunia article regarding this vulnerability can be found here:

http://secunia.com/advisories/35800/2/

Again, this vulnerability has been rated as extremely critical and MS reports that it is being actively exploited in the wild.

 

INTERNET EXPLORER DIRECTSHOW ActiveX Vulnerability

The Internet Explorer DirectShow ActiveX control vulnerability that was reported on earlier will finally be patched on patch Tuesday, July 14 2009. It should be noted however that the exploit for this vulnerability has been packaged up for easy deployment and has evidently started popping up quite a bit in the wild. Because of this, system admins should take special care to make sure all Windows machines receive this patch as quickly as possible. More information about this and other patches being released on Tuesday can be found at Microsoft's TechNet page here:

http://blogs.technet.com/msrc/archive/2009/07/08/july-2009-advance-notification.aspx

SOLARIS TOMCAT VULNERABILITY

A new, unpatched, vulnerability has been discovered in the versions of Tomcat that come bundled with Solaris 9 and 10 which can lead to information disclosure to malicious parties. The full article that Sun has published on the issue can be found here:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-263529-1

Solaris administrators should follow the steps detailed in the document to determine if their systems are vulnerable to the exploit and if there are any mitigating steps that should be taken.

Finally, an interesting article on the "Seven Deadly Sins of Social Networking Security" can be found at CSO Online. The article details common security issues that users of social networking sites in the business world (be it LinkedIn, Facebook, MySpace, etc) commonly overlook. The URL can be found below:

http://www.csoonline.com/article/496314/Seven_Deadly_Sins_of_Social_Networking_Security

Posted by Brett Davis on July 13, 2009, in Handlers Log.