Infesting you with Virus News

Microsoft Windows, Internet Explorer, and Active Template Library (ATL)... (PC1-2009-1941)

Overview

Microsoft has issued out-of-band updates to address critical vulnerabilities in Microsoft Internet Explorer running on most supported versions of Windows. The updates also help mitigate attacks against ActiveX controls developed with affected versions of the Microsoft Active Template Library (ATL).

Vulnerability chart

Vulnerable: Internet Explorer 8; Microsoft Visual Studio
Access: Remote
Patch availability: Unknown
Patch implementation: Unknown

References to Advisories, Solutions, and Tools

Release date: 2009-07-28
Description:

Systems Affected are listed below:

  • Microsoft Windows and Windows Server;
  • Microsoft Internet Explorer;
  • Microsoft Visual Studio and C++ Redistributable Package;
  • ActiveX controls from multiple vendors.


Microsoft has released updates for critical vulnerabilities in Internet Explorer. The updates also include mitigations for attacks against vulnerable ActiveX controls that were created using vulnerable versions of the Active Template Library (ATL).

Vulnerabilities present in the ATL can cause vulnerabilities in the resulting ActiveX controls and COM components. For example, the ATL typographical error described in this Security Development Lifecycle blog post caused the Microsoft Video ActiveX control stack buffer overflow (VU#180513, CVE-2008-0015).

Any ActiveX control or COM component that was created with a vulnerable version of the ATL may be vulnerable. For example, Adobe and Cisco are affected.

Impact:

If a user is persuaded to view a malicious HTML document (for example, a Web page, HTML email message, or HTML attachment), an attacker may be able to execute arbitrary code.

Solution:

System Administrators

To address the vulnerabilities in Internet Explorer and mitigate attacks against affected ATL-based ActiveX controls, apply the updates described in Microsoft Security Bulletin MS09-034. Further details about the ATL mitigations are available in a Microsoft Security Research & Defense blog post. Administrators are advised to consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Developers

To stop producing affected controls, developers should update the ATL as described in Microsoft Security Bulletin MS09-035. To address vulnerabilities in existing controls, recompile them using the updated ATL. Further discussion of the ATL vulnerabilities can be found in the Security Development Lifecycle blog.

References:

  • http://www.kb.cert.org/vuls/id/456745
  • http://www.kb.cert.org/vuls/id/180513
  • http://www.microsoft.com/technet/security/advisory/973882.mspx
  • http://www.microsoft.com/technet/security/bulletin/ms09-034.mspx
  • http://www.microsoft.com/technet/security/bulletin/ms09-035.mspx
  • http://www.microsoft.com/security/atl.aspx
  • http://blogs.technet.com/msrc/archive/2009/07/28/microsoft-security-advisory-973882-microsoft-security-bulletins-ms09-034-and-ms09-035-released.aspx
  • http://blogs.technet.com/bluehat/archive/2009/07/27/black-hat-usa-atl-killbit-bypass.aspx
  • http://msdn.microsoft.com/en-us/library/3ax346b7(VS.71).aspx
  • http://blogs.msdn.com/sdl/archive/2009/07/28/atl-ms09-035-and-the-sdl.aspx
  • http://blogs.technet.com/srd/archive/2009/07/28/internet-explorer-mitigations-for-atl-data-stream-vulnerabilities.aspx
  • http://technet.microsoft.com/en-us/wsus/default.aspx
  • http://blogs.adobe.com/psirt/2009/07/impact_of_microsoft_atl_vulner.html
  • http://www.cisco.com/warp/public/707/cisco-sa-20090728-activex.shtml
  • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0015