Author Topic: Microsoft Security Advisories 96872 & 967940  (Read 2914 times)

Eric the Red
« on: February 25, 2009, 10:10:06 AM »
The following information was received from Microsoft on February 25th:

Quote
This alert is to notify you that Microsoft has released two new security advisories on February 24, 2009:

* 968272 - Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
* 967940 - Update for Windows Autorun

====================================
OVERVIEW OF SECURITY ADVISORY 968272
====================================

Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (http://www.microsoft.com/security/msrc/mapp/overview.mspx) and our Microsoft Security Response Alliance (http://www.microsoft.com/security/msra/default.mspx) program to provide information that they can use to provide broader protections to customers. Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Review Microsoft Security Advisory 968272 for an overview of the issue, details on affected software, mitigating factors, suggested actions, frequently asked questions (FAQ), and links to additional resources. Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (866)PCSAFETY. International customers can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/protect/support/default.mspx (click on the select your region hyperlink in the first paragraph).

====================================
OVERVIEW OF SECURITY ADVISORY 967940
====================================

With security advisory 967940, Microsoft is announcing the availability of an update that corrects a functionality feature that can help customers in keeping their systems protected. The update corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected.

When functioning as expected, the NoDriveTypeAutoRun registry key can be used to selectively disable Autorun functionality (e.g. AutoPlay, double click, and contextual menu features associated with Autorun) for drives on a user's system and network. Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file.

Review Microsoft Security Advisory 967940 for an overview of the issue, details on affected software, suggested actions, frequently asked questions (FAQ), and links to additional resources.  This update is available through automatic updating and from the download center. For more information about this issue, including download links for this non-security update, see Microsoft Knowledge Base Article 967715 (http://support.microsoft.com/kb/967715).

====================================
ADDITIONAL RESOURCES
====================================

* Microsoft Security Advisory 968272 - Microsoft Office Excel Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/968272.mspx.

* Microsoft Security Advisory 967940 - Update for Windows Autorun - http://www.microsoft.com/technet/security/advisory/967940.mspx.

* Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc.

* Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc.

* Security Vulnerability Research & Defense (SVRD) Blog: http://blogs.technet.com/swi.

* Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl.
"The time to start running is around about the "e" in "Hey, you!" "

The information I provide is provided "AS IS" without warranty, and confers no rights.
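
The advisory quoted above says NoDriveTypeAutoRun selectively disables Autorun per drive type. The following is an added example, not part of the original post or of Microsoft's advisory, that decodes the value's bitmask (bit meanings as documented in KB967715, under `Software\Microsoft\Windows\CurrentVersion\Policies\Explorer`) and flags hosts that leave a drive type enabled. The host names, sample values and the `must_disable` baseline are constructed assumptions.

```python
# Bit meanings for NoDriveTypeAutoRun as documented in KB967715.
DRIVE_TYPES = {
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
}
UNKNOWN_BITS = 0x01 | 0x80  # either bit disables Autorun on unknown drive types


def effective_value(hklm, hkcu):
    """The HKLM value takes precedence over HKCU; None means the entry is absent."""
    return hklm if hklm is not None else hkcu


def autorun_enabled_types(value):
    """Return the drive types on which this mask still allows Autorun."""
    enabled = [name for bit, name in DRIVE_TYPES.items() if not value & bit]
    if not value & UNKNOWN_BITS:
        enabled.append("unknown")
    return enabled


def audit(host, hklm, hkcu, must_disable=("removable", "network", "cdrom")):
    """Flag a host whose effective mask leaves a required drive type enabled.

    must_disable is an assumed baseline, not a value taken from the advisory.
    """
    value = effective_value(hklm, hkcu)
    if value is None:
        return (host, None, ["policy not set"])
    gaps = [t for t in autorun_enabled_types(value) if t in must_disable]
    return (host, value, gaps)


# Constructed sample inventory: (host, HKLM value, HKCU value)
SAMPLE = [
    ("ws-01", 0xFF, None),  # every drive type disabled
    ("ws-02", None, 0x91),  # only network and unknown types disabled
    ("ws-03", 0xB5, 0x91),  # HKLM value is the one that applies
    ("ws-04", None, None),  # no policy configured
]

if __name__ == "__main__":
    for row in SAMPLE:
        host, value, gaps = audit(*row)
        shown = "unset" if value is None else hex(value)
        print(f"{host}: {shown} -> {'OK' if not gaps else 'GAPS: ' + ', '.join(gaps)}")
```

A passing mask only matters on systems that also have the update from KB967715 installed, since the advisory's point is that the key did not function as expected without it.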