Microsoft patches URI handling, DNS spoofing flaws

Summary:Microsoft has finally shipped a comprehensive fix for a critical URI handling vulnerability that exposes Windows users to drive-by malware attacks.

Microsoft has finally shipped a comprehensive fix for a critical URI handling vulnerability that exposes Windows users to drive-by malware attacks.

Microsoft patches critical URI handling, DNS spoofing flaws
The patch, available in the MS07-061 bulletin, covers a remote code execution vulnerability in the way that the Windows shell handles specially crafted URIs that are passed to it.

This is the same bug that was being exploited via rigged PDF files more than a month ago.

If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003.

The Windows shell in Windows Vista is not affected by this vulnerability.

[SEE: MS Outlook flaw adds new twist to URI handling saga ]

Microsoft said it has not identified any way to exploit this vulnerability on systems using Internet Explorer 6 but, as a defense-in-depth measure, the patch is being distributed all customers using supported editions of Windows XP and Windows Server 2003, regardless of which version of Internet Explorer is installed.

A second bulletin in this month's Patch Tuesday (MS07-062) provides cover for a spoofing vulnerability in Windows DNS Servers.

From the bulletin:

The Windows DNS Server service doesn’t provide enough entropy in its random choice of transaction values when it sends out queries to upstream DNS servers. An attacker who successfully exploited this vulnerability could gain information about the DNS server’s transaction IDs, and use that information to send malicious responses to DNS requests, thus redirecting Internet traffic from legitimate locations to an address of the attacker’s choice.

The DNS spoofing flaw carries an "important" rating.

Topics: Software, Browser, Microsoft, Networking, Operating Systems, Security, Windows

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.