Microsoft Flaws Put Users In Bermuda Triangle

by CXOtoday Staff    Mar 10, 2004

Microsoft released a trio of alerts as part of its ’routine update procedure’, declaring Windows, Outlook, and MSN users as vulnerable to security threats.

The first update, which affects Windows 2000 users, was rated moderate on Microsoft’s severity rating. Users can download the patch by clicking here.

According to Microsoft’s security bulletin, a vulnerability exists because of the way Windows Media Station Service and Windows Media Monitor Service (components of Windows Media Services) handle TCP/IP connections. If a remote user sends a special sequence of TCP/IP packets to the listening port of either of these services, the service could stop responding to requests and no additional connections will be made. The service must be restarted to regain its functionality.

The second vulnerability, which was rated as ’important’, affects Microsoft Office XP and Outlook 2002 users.

The vulnerability exists within Outlook 2002 that could allow Internet Explorer to execute script code in the local machine zone on an affected system. The parsing of specially crafted mailto URL’s by Outlook 2002 causes this vulnerability. To exploit this vulnerability, an attacker would have to host a malicious Web site that contained a Web page designed to exploit the vulnerability and then persuade a user to view the Web page.

The attacker could also create an HTML e-mail message designed to exploit the vulnerability and persuade the user to view the HTML e-mail message. After the user has visited the malicious Web site or viewed the malicious HTML e-mail message, an attacker who successfully exploited this vulnerability could access files on a user’s system or run arbitrary code on a user’s system. This code would run in the security context of the currently logged-on user. As Outlook 2002 is available as a separate product and is also included as part of Office XP, the same vulnerability affects both.

The update for Office XP can be downloaded here, and the Outlook patch can be found on Microsoft’s website.

The third vulnerability exists in MSN Messenger because of the method used by the IM software to handle a file request. An attacker could exploit this vulnerability by sending a specially crafted request to a user running Messenger. If exploited successfully, the attacker could view the contents of a file on the hard drive without the user’s knowledge as long as the attacker knew the location of the file and the user had read access to the file.

To exploit this vulnerability, an attacker would have to know the sign-on name of the user in order to send the request. However, the flaw received a severity rating of ’moderate’ and Microsoft has released separate patches for different versions which can be found here.