Well, it’s about that time… Microsoft recently released their August 2009 Security Bulletin and, in turn, we’ve updated our vulnerability analysis page . This month’s update patches several important vulnerabilities that even the most diligent security-conscious web users should watch out for.
MS09-037, MS09-038 and MS09-043 all resolve vulnerabilities ( in Microsoft ATL, .avi handling and Microsoft Office Web Components ) that can allow an attacker to run code via drive-by browsing or accessing email attachments.
MS09-039 patches a vulnerability in WINS ( Windows Internet Name Service ). Though not a vulnerability that will affect Windows Desktops, it is worthy of attention as attackers can initiate this attack remotely. Attackers don’t require any operator-activity on the target system. If an attacker has network access to vulnerable WINS services – they can potentially exploit this to gain access to that system.
The disclosure I found the most interesting was MS09-042. MS09-042 fixes a challenge-response reflection vulnerability with some versions of Telnet. I’m not sure which part is the most interesting; that the NTLM challenge response could have been abused to gain access to the system initiating the connection – or that it was Telnet that was getting patched.
It’s been a while since I’ve used Telnet. Over the years Telnet gathered a reputation for not being the most secure protocol. When it was originally developed ( in the 1960s ! ) little to no attention was paid to security. It appears Telnet’s come along way over the years, with new implementations like TLS-Telnet. The recent implementations aren’t as insecure as I initially supposed they’d be.
On a further historical note, it also appears that it’s been one year to the day since SophosLabs formed a dedicated vulnerability analysis team to post information about newly discovered exploitable vulnerabilities in Microsoft’s and other companies’ products.
If you’ve found our vulnerability posts to be valuable – or have some suggestions for how we can better serve you, please let us know at firstname.lastname@example.org