=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2008/VULN504
_____________________________________________________________________

DATE                      : 12/11/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows running Microsoft XML Core Services,
                             Microsoft Office 2003, Microsoft Word Viewer 2003,
                             2007 Microsoft Office System, Microsoft Office
                             Compatibility Pack for Word, Excel,
                             and PowerPoint 2007 File Formats.

======================================================================
http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
______________________________________________________________________

Microsoft Security Bulletin MS08-069  Critical

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code
Execution (955218)

   Published: November 11, 2008

   Version: 1.0

General Information

Executive Summary

   This security update resolves several vulnerabilities in Microsoft XML
   Core Services. The most severe vulnerability could allow remote code
   execution if a user viewed a specially crafted Web page using Internet
   Explorer. Users whose accounts are configured to have fewer user rights
   on the system could be less impacted than users who operate with
   administrative user rights.

   This security update is rated Critical for Microsoft XML Core Services
   3.0 and Important for Microsoft XML Core Services 4.0, Microsoft XML Core
   Services 5.0, and Microsoft XML Core Services 6.0.

   The security update addresses the vulnerabilities by modifying the way
   that Microsoft XML Core Services parses XML content, handles external
   document type definitions (DTD), and sets HTTP request fields.

   Recommendation. Microsoft recommends that customers apply the update
   immediately.

Affected Software

   o Microsoft Windows 2000 Service Pack 4
   o Windows XP Service Pack 2
   o Windows XP Service Pack 3
   o Windows XP Professional x64 Edition and Windows XP Professional x64
     Edition Service Pack 2
   o Windows Server 2003 Service Pack 1 and Windows Server 2003 Service
     Pack 2
   o Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition
     Service Pack 2
   o Windows Server 2003 with SP1 for Itanium-based Systems and Windows
     Server 2003 with SP2 for Itanium-based Systems
   o Windows Vista
   o Windows Vista Service Pack 1
   o Windows Vista x64 Edition
   o Windows Vista x64 Edition Service Pack 1
   o Windows Server 2008 for 32-bit Systems*
   o Windows Server 2008 for x64-based Systems*
   o Windows Server 2008 for Itanium-based Systems
   o Microsoft Office 2003 Service Pack 3
   o Microsoft Word Viewer 2003 Service Pack 3
   o 2007 Microsoft Office System
   o 2007 Microsoft Office System Service Pack 1
   o Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
     2007 File Formats

   *Windows Server 2008 Server Core installation not affected

Non-Affected Software

   o Microsoft Office 2000 Service Pack 3
   o Microsoft Office XP Service Pack 3
   o Microsoft Office SharePoint Portal Server 2001 Service Pack 3
   o Microsoft Office SharePoint Portal Server 2003 Service Pack 3
   o Microsoft Excel Viewer 2003 Service Pack 3

Vulnerability Information

MSXML Memory Corruption Vulnerability - CVE-2007-0099

A remote code execution vulnerability exists in the way that Microsoft
XML Core Services parses XML content. The vulnerability could allow remote
code execution if a user browses a Web site that contains specially crafted
content or opens specially crafted HTML e-mail.

MSXML DTD Cross-Domain Scripting Vulnerability - CVE-2008-4029

An information disclosure vulnerability exists in the way that Microsoft
XML Core Services handles error checks for external document type
definitions (DTDs). The vulnerability could allow information disclosure
if a user browses a Web site that contains specially crafted content or
opens specially crafted HTML e-mail.

MSXML Header Request Vulnerability - CVE-2008-4033

An information disclosure vulnerability exists in the way that Microsoft
XML Core Services handles transfer-encoding headers. The vulnerability
could allow information disclosure if a user browses a Web site that
contains specially crafted content or opens specially crafted HTML e-mail.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================