Sophos

Download Windows 7 security - A great leap forward or business as usual?

« The Cost Of True Love Fake AV continuing the PDF onslaught »

The latest… latest, vulnerability analysis

Well, it’s about that time… Microsoft recently released their August 2009 Security Bulletin and, in turn, we’ve updated our vulnerability analysis page . This month’s update patches several important vulnerabilities that even the most diligent security-conscious web users should watch out for.

MS09-037MS09-038 and MS09-043 all resolve  vulnerabilities  ( in  Microsoft ATL,  .avi handling  and Microsoft Office Web Components )  that can allow an attacker to run code via drive-by browsing or accessing email attachments.

MS09-039 patches a vulnerability in WINS ( Windows Internet Name Service ). Though not a vulnerability that will affect Windows Desktops, it is worthy of attention as attackers can initiate this attack remotely. Attackers don’t require any operator-activity on the target system. If an attacker has network access to vulnerable WINS services - they can potentially exploit this to gain access to that system.

The disclosure I found the most interesting was MS09-042. MS09-042 fixes a challenge-response reflection vulnerability with some versions of Telnet. I’m not sure which part is the most interesting; that the NTLM challenge response could have been abused to gain access to the system initiating the connection - or that it was Telnet that was getting patched.

It’s been a while since I’ve used Telnet. Over the years Telnet gathered a reputation for not being the most secure protocol. When it was originally developed ( in the 1960s ! ) little to no attention was paid to security.  It appears Telnet’s come along way over the years, with new implementations like TLS-Telnet. The recent implementations aren’t as insecure as I initially supposed they’d be.

On a further historical note, it also appears that it’s been one year to the day since SophosLabs formed a dedicated vulnerability analysis team to post information about newly discovered exploitable vulnerabilities in Microsoft’s and other companies’ products.

If you’ve found our vulnerability posts to be valuable - or  have some suggestions for how we can better serve you, please let us know at sophosblog@sophos.com

Posted on August 12th, 2009 by Michael Shannon, Researcher, SophosLabs UK
Filed under: General

Email this story to a friend   Digg   Reddit   Technorati   Slashdot   Facebook   Twitter   NewsVine   MySpace   Google   Live   Mixx   del.icio.us   StumbleUpon  

Download Windows 7 security - A great leap forward or business as usual?

Related posts