Monday, June 20, 2005

Microsoft Internet Explorer Cumulative Update (MS05-025)

HIGH: Microsoft Internet Explorer Cumulative Update (MS05-025)
Affected:
Internet Explorer version 5.01 SP3/SP4
Internet Explorer version 5.5 SP2
Internet Explorer version 6.0 and SP1
Windows 98/ME/SE/2000 SP3 and SP4/XP SP1 and SP2/2003 including SP1

Description: Microsoft has released a cumulative security update for Internet
Explorer - MS05-025, which replaces the previously released update MS05-020.
This update fixes the following vulnerabilities:
(a) Portable Network Graphics (PNG) is a format for rendering images and
used as an alternative to GIF. A PNG image consists of a PNG header followed
by a sequence of "chunks" (PNG specification defines 18 such chunk types).
Microsoft's PNG library contains a heap-based buffer overflow that can be
triggered by a PNG image with a certain large chunk size. This library is
used by Internet Explorer for displaying PNG images; hence, a webpage
displaying a crafted PNG file can exploit this overflow to execute arbitrary
code on a client system.
(b) A vulnerability in Internet Explorer can be exploited by a malicious
webpage to read local or non-local XML files, potentially providing the
attacker with sensitive information. The vulnerability is a variation of
the one patched by MS02-047. Proof-of-concept exploit code is publicly
available for the older vulnerability.
(c) The update also sets the kill bit for the older versions of DigWebX
ActiveX control as it reportedly contains a yet undisclosed vulnerability.

Status: Apply the update referenced in Microsoft Security Bulletin MS05-025.

Council Site Actions: All council sites plan to deploy this patch, either
during their next regularly scheduled system update process or within the
next week.

References:
Microsoft Security Bulletin MS05-025
http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx
ISS X-Force Advisory (PNG Overflow)
http://xforce.iss.net/xforce/alerts/id/196
NISCC Advisory
http://www.niscc.gov.uk/niscc/docs/al-20050614-00488.html?lang=en
SANS Handler's Diary Posting
http://isc.sans.org/diary.php?date=2005-06-14
PNG Specification
http://www.libpng.org/pub/png/spec/iso/index-object.html
GreyMagic Advisory (IE XML Disclosure Vulnerability from 2002)
http://www.greymagic.com/security/advisories/gm009-ie/
SecurityFocus BIDs
http://www.securityfocus.om/bid/13941
http://www.securityfocus.om/bid/13943
http://www.securityfocus.om/bid/13946

posted by CONNECTTO.NET TECHNICAL SUPPORT TEAM at 7:23 AM  

0 Comments:

Post a Comment

<< Home