=====================================================================
CERT-Renater
Information Note No. 2008/VULN033
_____________________________________________________________________

DATE                 : 13/02/2008

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Mac OS X.

======================================================================

MS08-008 - Critical - Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)

Published: February 12, 2008
Version: 1.0

This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embedding (OLE) Automation. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected Software

  o Windows 2000 Service Pack 4
  o Windows XP Service Pack 2
  o Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
  o Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
  o Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
  o Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
  o Windows Vista
  o Windows Vista x64 Edition
  o Microsoft Office 2004 for Mac
  o Microsoft Visual Basic 6.0 Service Pack 6

Vulnerability Information

OLE Heap Overrun Vulnerability - CVE-2007-0065

A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Workarounds for OLE Heap Overrun Vulnerability - CVE-2007-0065

  o Disable attempts to instantiate the Microsoft Forms 2.0 ImageActiveX Control in Internet Explorer
  o Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
  o Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones

======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER        | tel  : 01-53-94-20-44           +
+ 151 bd de l'Hopital | fax  : 01-53-94-20-41           +
+ 75013 Paris         | email: certsvp@renater.fr       +
=========================================================