===================================================================== CERT-Renater Note d'Information No. 2011/VULN322 _____________________________________________________________________ DATE : 13/04/2011 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows XP, 2003, Vista, 2008, 7 running MHTML protocol handler. ====================================================================== http://www.microsoft.com/technet/security/Bulletin/MS11-026.mspx ______________________________________________________________________ Microsoft Security Bulletin MS11-026 - Important Vulnerability in MHTML Could Allow Information Disclosure (2503658) Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user visited a specially crafted Web site. In a Web-based attack scenario, a Web site could contain a specially crafted link that is used to exploit this vulnerability. An attacker would have to convince users to visit the Web site and open the specially crafted link. This security update is rated Important for all supported editions of Windows XP, Windows Vista, and Windows 7, and rated Low for all supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section. Affected Software Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2** Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2** Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1** Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 ** Server Core installation not affected. The vulnerabilities addressed by this update do not affect supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, when installed using the Server Core installation option. Vulnerability Information MHTML Mime-Formatted Request Vulnerability - CVE-2011-0096 An information disclosure vulnerability exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to run a client-side script in the wrong security context. Similar to server-side cross-site scripting (XSS) vulnerabilities, it is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response to a Web request run in the context of the user's instance of Internet Explorer. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================