Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Security Response

Microsoft Patch Tuesday - November 2010

Created: 09 Nov 2010 19:50:44 GMT • Updated: 23 Jan 2014 18:23:59 GMT • Translations available: 日本語
Robert Keith's picture
0 0 Votes
Login to vote

Hello and welcome to this month’s blog on the Microsoft patch releases. This is a relatively light month —the vendor is releasing three bulletins covering a total of 11 vulnerabilities. One of the issues is rated “Critical” and it affects Microsoft Office when handling malicious RTF (rich text format) files. The remainder of the issues are rated ‘Important’ and affect Office, PowerPoint, and Forefront Unified Access Gateway (UAG). As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.

- Run all software with the least privileges required while still maintaining functionality.

- Avoid handling files from unknown or questionable sources.

- Never visit sites of unknown or questionable integrity.

- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of the November releases can be found here: http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx

The following is a breakdown of the issues being addressed this month:

1. MS10-087 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)

CVE-2010-3333 (BID 44652) Microsoft Office RTF File Stack Buffer Overflow Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Office when parsing specially crafted RTF data. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file or viewing a malicious email. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: Microsoft Office XP SP3, 2003 SP3, 2007 SP2, 2010 (32-bit editions), 2010 (64-bit editions), Office 2004 for Mac, Office 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac

CVE-2010-3334 (BID 44656) Microsoft Office Art Drawing Record Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Office when opening a specially crafted Office file. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: Microsoft Office XP SP3, 2003 SP3, 2007 SP2, 2010 (32-bit editions), 2010 (64-bit editions), Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac

CVE-2010-3335 (BID 44659) Microsoft Office Drawing Exception Handling Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Office when opening a specially crafted Office file. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: Microsoft Office XP SP3, 2003 SP3, 2007 SP2, 2010 (32-bit editions), 2010 (64-bit editions), Office 2004 for Mac, Office 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac

CVE-2010-3336 (BID 44660) Microsoft Office Large SPID Read AV Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Office when opening a specially crafted Office file. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: Microsoft Office XP SP3, Office 2004 for Mac, Office 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac

CVE-2010-3337 (BID 42628) Microsoft Office 'pptimpconv.dll' DLL Loading Arbitrary Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 8.5/10)

A previously public (August 24, 2010) remote code-execution vulnerability affects Office because of how it loads DLL files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a file from an untrusted location. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: Microsoft Office 2007 SP2, 2010 (32-bit editions), and 2010 (64-bit editions)

2. MS10-088 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)

CVE-2010-2572 (BID 44626) Microsoft PowerPoint (CVE-2010-2572) Remote Buffer Overflow Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects PowerPoint due to a buffer overflow when handling specially crafted PowerPoint files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: PowerPoint 2002 SP3 and 2003 SP3

CVE-2010-2573 (BID 44628) Microsoft PowerPoint (CVE-2010-2573) Heap Corruption Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects PowerPoint due to an integer underflow when handling specially crafted PowerPoint files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. Affects: PowerPoint 2002 SP3, 2003 SP3, Office 2004 for Mac, and PowerPoint Viewer SP2

3. MS10-089 Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)

CVE-2010-2732 (BID 44631) Microsoft Forefront Unified Access Gateway Spoofing Vulnerability (MS Rating: Important / Symantec Rating: 7.5/10)

A vulnerability affects Forefront Unified Access Gateway (UAG) that may allow an attacker to redirect traffic to a malicious site. A successful exploit may result in the disclosure of potentially sensitive information. Affects: Forefront Unified Access Gateway 2010, 2010 Update 1, and 2010 Update 2

CVE-2010-2733 (BID 44632) Microsoft Forefront Unified Access Gateway Web Monitor Cross-Site Scripting Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A cross-site scripting vulnerability affects Forefront Unified Access Gateway (UAG). An attacker can exploit this issue to execute arbitrary script code in the context of the affected server. This may result in the disclosure of potentially sensitive information; other attacks are also possible. Affects: Forefront Unified Access Gateway 2010, 2010 Update 1, and 2010 Update 2

CVE-2010-2734 (BID 44633) Microsoft Forefront Unified Access Gateway Mobile Portal Cross-Site Scripting Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A cross-site scripting vulnerability affects Forefront Unified Access Gateway (UAG). An attacker can exploit this issue to execute arbitrary script code in the context of the affected server. This may result in the disclosure of potentially sensitive information; other attacks are also possible. Affects: Forefront Unified Access Gateway 2010, 2010 Update 1, and 2010 Update 2

CVE-2010-3936 (BID 44634) Microsoft Forefront Unified Access Gateway 'Signurl.asp' Cross-Site Scripting Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A cross-site scripting vulnerability affects Forefront Unified Access Gateway (UAG). An attacker can exploit this issue to execute arbitrary script code in the context of the affected server. This may result in the disclosure of potentially sensitive information; other attacks are also possible. Affects: Forefront Unified Access Gateway 2010, 2010 Update 1, and 2010 Update 2

More information on the vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.