=====================================================================
                                     CERT-Renater

                          Note d'Information No. 2007/VULN195
_____________________________________________________________________

DATE                      : 11/04/2007

HARDWARE PLATFORM(S)      :

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Server 2003
                                 running Microsoft Agent.

======================================================================

MS07-020 - Vulnerability in Microsoft Agent Could Allow Remote Code
            Execution (932168)

Affected Software:
    -Microsoft Windows 2000 Service Pack 4
    -Microsoft Windows XP Service Pack 2
    -Microsoft Windows XP Professional x64 Edition and
     Microsoft Windows XP Professional x64 Edition Service Pack 2
    -Microsoft Windows Server 2003 and
     Microsoft Windows Server 2003 Service Pack 1 and
     Microsoft Server 2003 Service Pack 2
    -Microsoft Windows Server 2003 x64 Edition with Service Pack 1 and
     Microsoft Windows Server 2003 x64 Edition with Service Pack 2
    -Microsoft Windows Server 2003 for Itanium-based Systems,
     Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and
     Microsoft Windows Server 2003 with SP2 for Itanium-based Systems

Non-Affected Software:
    -Windows Vista
    -Windows Vista x64 Edition

Full MS07-020 advisory:
    http://www.microsoft.com/technet/security/bulletin/ms07-020.mspx


Vulnerability Details

Microsoft Agent URL Parsing Vulnerability
Could Allow Remote Code Execution - CVE-2007-1205

     Microsoft Agent is a component that uses interactive animated characters
     to guide users and can make using and learning to use a computer easier.

     A remote code execution vulnerability exists in Microsoft Agent in
     the way that it handles certain specially crafted URLs. An attacker
     who successfully exploited this vulnerability could take complete
     control of an affected system. An attacker could then install programs;
     view, change, or delete data; or create new accounts with full user rights.

======================================================================

            =========================================================
            Les serveurs de référence du CERT-Renater
            http://www.urec.fr/securite
            http://www.cru.fr/securite
            http://www.renater.fr
            =========================================================
            + CERT-RENATER          | tel : 01-53-94-20-44          +
            + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
            + 75013 Paris           | email: certsvp@renater.fr     +
            =========================================================