=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2007/VULN440
_____________________________________________________________________

DATE                      : 15/11/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows XP, Windows Server 2003.

======================================================================

Microsoft Security Bulletin MS07-061

   - Affected Software:
     - Windows XP Service Pack 2
     - Windows XP Professional x64 Edition
     - Windows XP Professional x64 Edition Service Pack 2
     - Windows Server 2003 Service Pack 1
     - Windows Server 2003 Service Pack 2
     - Windows Server 2003 x64 Edition
     - Windows Server 2003 x64 Edition Service Pack 2
     - Windows Server 2003 with SP1 for Itanium-based Systems
     - Windows Server 2003 with SP2 for Itanium-based Systems

     - Impact: Remote Code Execution
     - Version Number: 1.0

- - - From Microsoft Security Bulletin MS07-061:

Vulnerability Details

Windows URI Handling Vulnerability - CVE-2007-3896

A remote code execution vulnerability exists in the way that the Windows
shell handles specially crafted URIs that are passed to it. An attacker
could exploit this vulnerability by including a specially crafted URI in
an application or attachment, which could potentially allow remote code
execution.

To view this vulnerability as a standard entry in the Common
Vulnerabilities and Exposures list, see CVE-2007-3896.

Mitigating Factors for Windows URI Handling Vulnerability - CVE-2007-3896

Mitigation refers to a setting, common configuration, or general
best-practice, existing in a default state, that could reduce the severity
of exploitation of a vulnerability. The following mitigating factors may
be helpful in your situation:

Microsoft has not identified a way to exploit this vulnerability on any
Windows operating system that is running Internet Explorer 6

An attacker who successfully exploited this vulnerability could gain the
same user rights as the local user. Users whose accounts are configured
to have fewer user rights on the system could be less impacted than users
who operate with administrative user rights.

In an e-mail based attack of this exploit, customers who read e-mail in
plain text are at less risk from this vulnerability. To be more at risk
from this vulnerability, users would have to either click on a link that
would take them to a malicious Web site or open an attachment.


======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================