===================================================================== CERT-Renater Note d'Information No. 2008/VULN433 _____________________________________________________________________ DATE : 15/10/2008 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Internet Explorer. ====================================================================== KB956390 http://www.microsoft.com/technet/security/bulletin/ms08-058.mspx ______________________________________________________________________ Microsoft Security Bulletin MS08-058 - Critical Cumulative Security Update for Internet Explorer (956390) Published: October 14, 2008 Version: 1.0 General Information Executive Summary This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerabilities could allow information disclosure or remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, running on all supported editions of Microsoft Windows 2000, and for Internet Explorer 6 running on all supported editions of Windows XP. For Internet Explorer 7 running on all supported editions of Windows XP and Windows Vista, this security update is rated Important. Otherwise, this security update is rated Moderate or Low. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles the error resulting in the exploitable condition. Recommendation. Microsoft recommends that customers apply the update immediately. Affected Software Internet Explorer 5.01 Internet Explorer 6 Service Pack 1 Internet Explorer 6 Internet Explorer 7 Vulnerability Information Window Location Property Cross-Domain Vulnerability - CVE-2008-2947 A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow an attacker to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclosure, depending on the operating system, if a user viewed the Web page. Workarounds for Window Location Property Cross-Domain Vulnerability - CVE-2008-2947 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone HTML Element Cross-Domain Vulnerability - CVE-2008-3472 A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclosure, depending on the operating system, if a user viewed the Web page. Workarounds for HTML Element Cross-Domain Vulnerability - CVE-2008-3472 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone Event Handling Cross-Domain Vulnerability - CVE-2008-3473 A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclosure, depending on the operating system, if a user viewed the Web page. Workarounds for Event Handling Cross-Domain Vulnerability - CVE-2008-3473 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone Cross-Domain Information Disclosure Vulnerability - CVE-2008-3474 An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page. Workarounds for Cross-Domain Information Disclosure Vulnerability - CVE-2008-3474 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone Uninitialized Memory Corruption Vulnerability - CVE-2008-3475 A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has not been correctly initialized or that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Workarounds for Uninitialized Memory Corruption Vulnerability - CVE-2008-3475 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone HTML Objects Memory Corruption Vulnerability - CVE-2008-3476 A remote code execution vulnerability exists in Internet Explorer due to attempts to access uninitialized memory in certain situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Workarounds for HTML Objects Memory Corruption Vulnerability - CVE-2008-3476 Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================