Fw: Alert: Microsoft Security Bulletin - MS03-011

["OC Hosting - Lance L" <lance () ochosting com>]

----- Original Message -----
From: "Russ" <Russ.Cooper () RC ON CA>
To: <NTBUGTRAQ () LISTSERV NTBUGTRAQ COM>
Sent: Wednesday, April 09, 2003 10:10 AM
Subject: Alert: Microsoft Security Bulletin - MS03-011


http://www.microsoft.com/technet/security/bulletin/MS03-011.asp

Flaw in Microsoft VM Could Enable System Compromise (816093)

Originally posted: April 09, 2003

Summary

Who should read this bulletin: Customers using Microsoft® Windows®.

Impact of vulnerability: Allow attacker to execute code of his or her
choice.

Maximum Severity Rating: Critical

Recommendation: Customers should install build 3810 or later of the
Microsoft VM, as discussed below

End User Bulletin: An end user version of this bulletin is available at:
http://www.microsoft.com/security/security_bulletins/ms03-011.asp

Affected Software:
- Versions of the Microsoft virtual machine (Microsoft VM) are identified by
build numbers, which can be determined using the JVIEW tool as discussed in
the FAQ. All builds of the Microsoft VM up to and including build 5.0.3809
are affected by these vulnerabilities.

Technical description:

The Microsoft VM is a virtual machine for the Win32® operating environment.
The Microsoft VM is shipped in most versions of Windows (a complete list is
available in the FAQ), as well as in most versions of Internet Explorer.

The present Microsoft VM, which includes all previously released fixes to
the VM, has been updated to include a fix for the newly reported security
vulnerability. This new security vulnerability affects the ByteCode Verifier
component of the Microsoft VM, and results because the ByteCode verifier
does not correctly check for the presence of certain malicious code when a
Java applet is being loaded. The attack vector for this new security issue
would likely involve an attacker creating a malicious Java applet and
inserting it into a web page that when opened, would exploit the
vulnerability. An attacker could then host this malicious web page on a web
site, or could send it to a user in e-mail

Mitigating factors:
- In order to exploit this vulnerability via the web-based attack vector,
the attacker would need to entice a user into visiting a web site that the
attacker controlled. The vulnerability themselves provide no way to force a
user to a web site.
- Java applets are disabled within the Restricted Sites Zone. As a result,
any mail client that opened HTML mail within the Restricted Sites Zone, such
as Outlook 2002, Outlook Express 6, or Outlook 98 or 2000 when used in
conjunction with the Outlook Email Security Update, would not be at risk
from the mail-based attack vector.
- The vulnerability would gain only the privileges of the user, so customers
who operate with less than administrative privileges would be at less risk
from the vulnerability.
- Corporate IT administrators could limit the risk posed to their users by
using application filters at the firewall to inspect and block mobile code.

Vulnerability identifier: CAN-2003-0111



This email is sent to NTBugtraq automatically as a service to my
subscribers. (v1.18)

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Have you discovered a security vulnerability related to Windows or a
commercial product which runs on Windows?

Need assistance crafting the format or translating your advisory to English?

Need to verify it, or having problems contacting the Vendor?

Contact mailto:Advisories () NTBugtraq com

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo