July 2008 - Posts

RealNetworks has released an update to address multiple vulnerabilities in RealPlayer. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. RealNetworks identifies the vulnerabilities as the following:

  • RealPlayer ActiveX controls property heap memory corruption.
  • Local resource reference vulnerability in RealPlayer.
  • RealPlayer SWF file heap-based buffer overflow.
  • RealPlayer ActiveX import method buffer overflow.

US-CERT encourages users to review the RealNetworks advisory and apply the appropriate updates to help mitigate the risk.

http://www.us-cert.gov/current/index.html#realplayer_releases_update

Posted Tue, Jul 29 2008 7:25 by Don | 1 comment(s)

Issued: July 25, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-037 - Important

Bulletin Information:

* MS08-037 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
  - Reason for Revision: V2.2 (July 25, 2008): Added three new known
    issues entries to Frequently Asked Questions (FAQ) related to
    this Security Update. 
  - Originally posted: July 8, 2008
  - Updated: July 25, 2008
  - Bulletin Severity Rating: Important
  - Version: 2.2

Issued: July 25, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (956187)
  - Title: Increased Threat for DNS Spoofing Vulnerability
  - http://www.microsoft.com/technet/security/advisory/956187.mspx
  - Revision Note: July 25, 2008: Advisory published

Issued: July 23, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-040 - Important
  * MS08-037 - Important

Bulletin Information:

* MS08-040 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx
  - Reason for Revision: V1.5 (July 23, 2008): Added removal
    information notes for Microsoft SQL Server 2000 Desktop
    Engine (WMSDE) and Windows Internal Database (WYukon) to
    clarify that removing this security update for WMSDE or
    WYukon will also completely remove the instance of WMSDE or
    WYukon from the system. 
  - Originally posted: July 8, 2008
  - Updated: July 23, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.5
   
* MS08-037 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
  - Reason for Revision: V2.1 (July 23, 2008): Affected Software
    table revised to add MS06-064, MS07-062, and MS08-001 as
    bulletins replaced by this update. 
  - Originally posted: July 8, 2008
  - Updated: July 23, 2008
  - Bulletin Severity Rating: Important
  - Version: 2.1

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new Storm Worm campaign around the theme of the U.S. credit crunch. We have detected a series of email subject lines used to entice users into downloading a Trojan. Here are a few examples of the subjects we have seen in this campaign:

  • The new currency is coming
  • Amero arrives
  • Amero currency Union is now the reality
  • The AMERO currency replacing the Dollar

We have previously seen the group behind the infamous Storm Worm use the tried and tested U.S. Independence Day theme and capitalize on global attention around fake World War III news.


Posted Tue, Jul 22 2008 16:53 by Don | with no comments

Issued: July 18, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-040 - Important

Bulletin Information:

* MS08-040 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx
  - Reason for Revision: V1.4 (July 18, 2008): Corrected the list of
    valid product instance names in the Microsoft SQL Server 2000
    Desktop Engine (WMSDE) subsection under the Security Update
    Information section. Also added entry to the Frequently Asked
    Questions (FAQ) Related to This Security Update to
    communicate a detection change in the way that Windows Server
    Update Services (WSUS) offers the update for Microsoft SQL
    Server 2000 Desktop Engine (WMSDE). 
  - Originally posted: July 8, 2008
  - Updated: July 18, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.4

Issued: July 10, 2008

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS08-037 - Important

Bulletin Information:

* MS08-037 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
  - Reason for Revision: V2.0 (July 10, 2008): Bulletin revised to
    inform users of ZoneAlarm and Check Point Endpoint Security
    of an Internet connectivity issue detailed in the section,
    Frequently Asked Questions (FAQ) Related to this Security
    Update. The revision did not change the security update files
    in this bulletin, but users of ZoneAlarm and Check Point
    Endpoint Security should read the FAQ entries for guidance.
  - Originally posted: July 8, 2008
  - Updated: July 10, 2008
  - Bulletin Severity Rating: Important
  - Version: 2.0

Sun has released updates for Java SE. These updates address multiple vulnerabilities in Java Runtime Environment (JRE), Java Web Start, Java Management Extensions (JMX), JDK, and Java Runtime Environment Virtual Machine. These vulnerabilities may allow a remote attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information or cause a denial-of-service condition.

US-CERT encourages users to review the following Sun Alerts and apply any necessary updates:

  • Sun Alert 238628 - Security Vulnerabilities in the Java Runtime Environment related to the processing of XML Data
  • Sun Alert 238666 - A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges
  • Sun Alert 238687 - Security Vulnerabilities in the Java Runtime Environment Scripting Language Support
  • Sun Alert 238905 - Multiple Security Vulnerabilities in Java Web Start may allow Privileges to be Elevated
  • Sun Alert 238965 - Security Vulnerability in Java Management Extensions (JMX)
  • Sun Alert 238966 - Security Vulnerability in JDK/JRE Secure Static Versioning
  • Sun Alert 238967 - Security Vulnerability in the Java Runtime Environment Virtual Machine may allow an untrusted Application or Applet to Elevate Privileges
  • Sun Alert 238968 - Security Vulnerabilities in the Java Runtime Environment may allow Same Origin Policy to be Bypassed

US-CERT will provide additional information as it becomes available.

http://www.us-cert.gov/current/index.html#sun_releases_updates_for_java

Posted Thu, Jul 10 2008 16:17 by Don | with no comments

Issued: July 9, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (954960)
  - Title: Microsoft Windows Server Update Services
    (WSUS) Blocked from Deploying Security Updates
  - http://www.microsoft.com/technet/security/advisory/954960.mspx
  - Revision Note: July 9, 2008: Advisory updated to reflect
    availability of fix.

Issued: July 9, 2008

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS08-040 - Important
  * MS08-039 - Important

Bulletin Information:

* MS08-040 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx
  - Reason for Revision: V1.1 (July 9, 2008): Removed erroneous
    references to SQL Server 2005 Service Pack 1 in the MBSA and
    SMS Detection and Deployment tables. Also clarified
    permissions requirements for vulnerability mitigating factors. 
  - Originally posted: July 8, 2008
  - Updated: July 9, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.1
   
* MS08-039 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms08-039.mspx
  - Reason for Revision: V1.1 (July 9, 2008): Changed the information
    reference link for OWA Premium in the Mitigating Factors
    sections for both vulnerabilities. 
  - Originally posted: July 8, 2008
  - Updated: July 9, 2008
  - Bulletin Severity Rating: Important
  - Version: 1.1

US-CERT is aware of deficiencies in the DNS protocol. Implementations of this protocol may leave the affected system vulnerable to DNS cache poisoning attacks. If an attacker can successfully conduct a cache poisoning attack, they may be able to cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. This may allow an attacker to obtain sensitive information or mislead users into believing they are visiting a legitimate website.

US-CERT encourages users to review "VU#800113 - Multiple DNS implementations vulnerable to cache poisoning" and apply any necessary solutions listed in that document to help mitigate the risks.

US-CERT will provide additional information as it becomes available.

http://www.us-cert.gov/current/index.html#dns_implementations_vulnerable_to_cache

Posted Wed, Jul 9 2008 5:07 by Don | with no comments

Issued: July 8, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (953635)
  - Title: Vulnerability in Microsoft Word Could Allow
    Remote Code Execution
  - http://www.microsoft.com/technet/security/advisory/953635.mspx
  - Revision Note: Advisory published. 

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

July 8, 2008

Today Microsoft released the following Security Bulletin(s). 

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

July Bulletin Summary

Important (4)

MS08-040 - Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
MS08-038 - Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)
MS08-039 - Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
  
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

Issued: July 7, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (955179)
  - Title: Vulnerability in the ActiveX Control for the
    Snapshot Viewer for Microsoft Access Could Allow Remote Code
    Execution
  - http://www.microsoft.com/technet/security/advisory/955179.mspx
  - Revision Note: Advisory published.   

Issued: July 3, 2008

This is an advance notification of security bulletins that
Microsoft is intending to release on July 8, 2008.

The full version of the Microsoft Security Bulletin Advance
Notification for July 2008 can be found at
http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx.

This bulletin advance notification will be replaced with the
July bulletin summary on July 8, 2008. For more information
about the bulletin advance notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever
Microsoft Security Bulletins are issued, subscribe to Microsoft
Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, July 9, 2008,
at 11:00 AM Pacific Time (US & Canada). Register for the July
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize
monthly security updates with any non-security, high-priority
updates that are being released on the same day as the monthly
security updates. Please see the section, Other Information.

This advance notification provides the software subject as the
bulletin identifier, because the official Microsoft Security
Bulletin numbers are not issued until release. The bulletin summary
that replaces this advance notification will have the proper
Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the
bulletin identifier. The security bulletins for this month are as
follows, in order of severity:


Important Security Bulletins

SQL Bulletin

  - Affected Software:
    - Microsoft SQL Server 2000 Desktop Engine (WMSDE) on
      Microsoft Windows 2000 Service Pack 4
    - Microsoft SQL Server 2000 Desktop Engine (WMSDE) on
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Windows Internal Database (WYukon) Service Pack 2 on
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Microsoft SQL Server 2000 Desktop Engine (WMSDE) on
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Windows Internal Database (WYukon) x64 Edition Service Pack 2
      on Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Windows Internal Database (WYukon) Service Pack 2
      on Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Internal Database (WYukon) x64 Edition Service Pack 2
      on Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - GDR update for SQL Server 7.0 Service Pack 4
    - QFE update for SQL Server 7.0 Service Pack 4
    - GDR update for SQL Server 2000 Service Pack 4
    - QFE update for SQL Server 2000 Service Pack 4
    - GDR update for SQL Server 2000
      Itanium-based Edition Service Pack 4
    - QFE update for SQL Server 2000
      Itanium-based Edition Service Pack 4
    - GDR update for SQL Server 2005 Service Pack 2
    - QFE update for SQL Server 2005 Service Pack 2
    - GDR update for SQL Server 2005 x64 Edition Service Pack 2
    - QFE update for SQL Server 2005 x64 Edition Service Pack 2
    - GDR update for SQL Server 2005 with SP2 for
      Itanium-based Systems
    - QFE update for SQL Server 2005 with SP2 for
      Itanium-based Systems
    - GDR update for Microsoft Data Engine (MSDE) 1.0 Service Pack 4
    - QFE update for Microsoft Data Engine (MSDE) 1.0 Service Pack 4
    - GDR update for Microsoft SQL Server 2000
      Desktop Engine (MSDE 2000) Service Pack 4
    - QFE update for Microsoft SQL Server 2000
      Desktop Engine (MSDE 2000) Service Pack 4
    - GDR update for Microsoft SQL Server 2005
      Express Edition Service Pack 2
    - QFE update for Microsoft SQL Server 2005
      Express Edition Service Pack 2
    - GDR update for Microsoft SQL Server 2005
      Express Edition with Advanced Services Service Pack 2
    - QFE update for Microsoft SQL Server 2005
      Express Edition with Advanced Services Service Pack 2

    - Impact: Elevation of Privilege
    - Version Number: 1.0

Windows Bulletin 1

  - Affected Software:
    - Windows Vista and
      Windows Vista Service Pack 1
    - Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    - Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems

    - Impact: Remote Code Execution
    - Version Number: 1.0

Windows Bulletin 2

  - Affected Software:
    - Client update for Microsoft Windows 2000 Service Pack 4
    - Server update for Microsoft Windows 2000 Service Pack 4
    - Client update for Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Client update for Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    - Client update for Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Server update for Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    - Client update for Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Server update for Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    - Client update for Windows Server 2003 with SP1 for
      Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Server update for Windows Server 2003 with SP1 for
      Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Server update for Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    - Server update for Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)

    - Impact: Spoofing
    - Version Number: 1.0

Exchange Server Bulletin

  - Affected Software:
    - Microsoft Exchange Server 2003 Service Pack 2
    - Microsoft Exchange Server 2007
    - Microsoft Exchange Server 2007 Service Pack 1

    - Impact: Elevation of Privilege
    - Version Number: 1.0


Other Information

Microsoft Windows Malicious Software Removal Tool:

Microsoft will release an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS:

For information about non-security releases on Windows Update and
Microsoft Update, please see:
* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
  Article 894199, Description of Software Update Services and
  Windows Server Update Services changes in content for 2008.
  Includes all Windows content.
* http://technet.microsoft.com/en-us/wsus/bb466214.aspx: New,
  Revised, and Released Updates for Microsoft Products Other Than
  Microsoft Windows

Issued: July 2, 2008

Security Advisories Updated or Released Today

 * Microsoft Security Advisory (953818)
  - Title: Blended Threat from Combined Attack Using
    Apple's Safari on the Windows Platform
  - http://www.microsoft.com/technet/security/advisory/953818.mspx
  - Revision Note: July 2, 2008: Updated the Suggested Actions.  

Known Vulnerabilities Fixed in Firefox 2.0.0.15:


MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)


http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15

Posted Wed, Jul 2 2008 6:57 by Don | with no comments

Apple plugged 25 security holes in components of its Mac OS X operating system on Monday, closing remote execution vulnerabilities in its Safari Web browser and the Ruby Web programming language.

The software patch -- the fourth this year for Apple's Mac OS X -- also fixed flaws in the open-source Apache Tomcat Java server, Apple's VPN client, the operating system's screen lock, and the handling of potentially unsafe types of content. While the open-source Apache Tomcat server racked up the most vulnerabilities, the most severe issues affect the Ruby Web programming language, WebKit library for Safari, and Mac OS X core library functions.

http://www.securityfocus.com/brief/767

Posted Wed, Jul 2 2008 5:51 by Don | with no comments