[Full-disclosure] Will Microsoft patch remarkable old Msjet40.dll issue?
- To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Will Microsoft patch remarkable old Msjet40.dll issue?
- From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
- Date: Sat, 5 Aug 2006 01:15:30 +0300 (EEST)
Microsoft informs about ten existing Windows flaws and two Office flaws at
http://www.microsoft.com/technet/security/bulletin/advance.mspx
Some of the upcoming security bulletins have Critical severity.
Maybe it's time to release a fix for the remarkably old Msjet40.dll issue reported
by HexView as early as March 2005.
Some background information:
In May, Trojans exploited an undocumented 0-day vulnerability in MS Word.
In June, Trojans attacked Excel.
July was the month of PowerPoint 0-days.
Actually there were no reports about the fourth Office case. But there was
another Office case too.
It was related to Microsoft Access.
Trojan Backdoor.Pcclient.B attacked the unpatched
'Microsoft Jet Database Engine Malformed Database File Buffer Overflow
Vulnerability',
spreading with a dropper file containing Trojan.Acdropper.B.
This is not a surprise, because at least three public exploits have been
published.
A coverage list of references is listed at http://www.kb.cert.org/vuls/id/176380
US-CERT doesn't list affected systems, but Access 2003, 2002 and 2002 install
Msjet40.dll.
These were not the last Office issues we will see. And more are coming if old
Office flaws remain unpatched in the future.
More details and some conclusions at my new entry
http://blogs.securiteam.com/?p=535
- Juha-Matti
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/