Alert - Microsoft Security Advisory 961051 Released



joneum
18.12.2008, 10:16
Microsoft is currently investigating new reports of attacks on a possible vulnerability in Internet Explorer 7.
You can find more information in the mail below (English) or, in the next few days, at http://www.microsoft.com/germany/technet/sicherheit/empfehlungen/default.mspx (German).

_________________________________
What is the purpose of this alert?
This alert is to notify you that Microsoft has released Security Advisory 961051 - Vulnerability in Internet Explorer Could Allow Remote Code Execution on December 10, 2008.

Summary

Microsoft is investigating new public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.

At this time, we are aware only of limited attacks that attempt to use this vulnerability. Our investigation of these attacks so far has verified that they are not successful against customers who have applied the workarounds listed in this advisory. Additionally, there are mitigations that increase the difficulty of exploiting this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (http://www.microsoft.com/security/msrc/mapp/overview.mspx) (MAPP) and our Microsoft Security Response Alliance (http://www.microsoft.com/security/msra/default.mspx) (MSRA) programs to provide information that they can use to provide broader protections to customers. In addition, we're actively working with partners to monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability.

We are actively investigating the vulnerability these attacks attempt to exploit. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Mitigating Factors

* Protected Mode (http://www.microsoft.com/windows/windows-vista/features/IE7-protected-mode.aspx) in Internet Explorer 7 in Windows Vista limits the impact of the vulnerability.
* By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration (http://go.microsoft.com/fwlink/?LinkId=92039). This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See the FAQ subsection of this vulnerability section for more information about Internet Explorer Enhanced Security Configuration.
* An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
* Currently known attacks cannot exploit this issue automatically through e-mail.

Recommendations

Review Microsoft Security Advisory 961051 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ), and links to additional resources.

Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (866)PCSAFETY. International customers can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/protect/support/default.mspx (click on the select your region hyperlink in the first paragraph).

Additional Resources

* Microsoft Security Advisory 961051 - Vulnerability in Internet Explorer Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/961051.mspx.

* Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc.

* Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc.

* Security Vulnerability Research & Defense (SVRD) Blog: http://blogs.technet.com/swi.

* Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl.

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft's security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's Web-based security content, the information in Microsoft's Web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,
Microsoft CSS Security Team

joneum
18.12.2008, 10:17
Last night I received the following revised security advisory (Vulnerability in Internet Explorer - first published on 11.12.08). Please see the mail below for further information.
German information will be available in the next few days at: http://www.microsoft.com/germany/technet/sicherheit/empfehlungen/default.mspx

_____________________________
What is the purpose of this alert?
This alert is to notify you that Microsoft has made several Major Revisions to Security Advisory 961051 - Vulnerability in Internet Explorer Could Allow Remote Code Execution on December 11, 2008.

Summary

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.

This update to the advisory contains information about which versions of Internet Explorer are vulnerable as well as new workarounds and a recommendation on the most effective workarounds.

Revision Information

* On December 11, 2008 Microsoft has revised Security Advisory 961051 to include Microsoft Internet Explorer 6 and Windows Internet Explorer 8 (Beta) as affected software. Also added more workarounds.
* To receive notification of all revisions for this and all security bulletins and advisories, please register for the Security Notification Service Comprehensive Edition at http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Recommendations

Review Microsoft Security Advisory 961051 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ), and links to additional resources.

Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (866)PCSAFETY. International customers can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/protect/support/default.mspx (click on the select your region hyperlink in the first paragraph).

Additional Resources

* Microsoft Security Advisory 961051 - Vulnerability in Internet Explorer Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/961051.mspx.

* Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc.

* Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/archive/2008/12/11/limited-exploitation-of-microsoft-security-advisory-961051.aspx.

* Security Vulnerability Research & Defense (SVRD) Blog: http://blogs.technet.com/swi.

* Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl.

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft's security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's Web-based security content, the information in Microsoft's Web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,
Microsoft CSS Security Team