Tuesday, April 14, 2009

Microsoft Tuesday Coverage for April MS09-009, MS09-010, MS09-011, MS09-012, MS09-013, MS09-014, MS09-015, MS09-016

Microsoft Security Advisory MS09-009:
A programming error in Microsoft Excel may allow a remote attacker to execute code on a vulnerable system via a specially crafted XLS file.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 15465.

A previously released rule identified with GID 3, SID 15365 will also detect attacks targeting this vulnerability.

Microsoft Security Advisory MS09-010:
Multiple vulnerabilities in Microsoft Wordpad may allow a remote attacker to execute code on a vulnerable system via a malformed file.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 15466,15467,15469 and 15455.

Microsoft Security Advisory MS09-011:
A programming error in Microsoft DirectShow may allow a remote attacker to execute code on a vulnerable system via a specially crafted file.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 15457.

Microsoft Security Advisory MS09-012:
A programming error in the Microsoft network service may allow a remote attacker to escalate privileges on a vulnerable system.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 15470.

Microsoft Security Advisory MS09-013:
A vulnerability in Microsoft WinHTTP may allow a remote attacker to execute code on a vulnerable system. Additionally, a remote attacker may be able to supply an invalid SSL/TLS certificate to the service and impersonate a legitimate web service.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 15456 and 15462.

Additionally, a previously released rule identified with GID 3, SID 15124 will also detect attacks targeting these vulnerabilities.

Microsoft Security Advisory MS09-014:
Multiple vulnerabilities in Microsoft Internet Explorer may allow a remote attacker to execute code on a vulnerable system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 15458,15459,15460 and 15461.

Additionally, a previously released rule identified with GID 3, SID 15124 will also detect attacks targeting these vulnerabilities.

Microsoft Security Advisory MS09-015:
A vulnerability in the Microsoft SearchPath function may be exploited by a remote attacker should the target system be using the Apple Safari browser.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 15468.

Microsoft Security Advisory MS09-016:
Multiple vulnerabilities in Microsoft Internet Security and Acceleration (ISA) server may allow a remote attacker to cause a Denial of Service (DoS) or execute a cross site scripting attack.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 15474 and 15475

Details and rules available here: http://www.snort.org/vrt/advisories/vrt-rules-2009-04-14.html
Add to Technorati Favorites Digg! This

No comments: