Vista hit by Patch Tuesday shrapnel

Summary:A close look at MS07-010 shows that Microsoft Windows Defender in Windows Vista is indeed vulnerable to a "critical" code execution flaw that was flagged by researchers at IBM's ISS X-Force unit.

Reports that Windows Vista emerged unscathed from the Patch Tuesday barrage have been slightly exaggerated.

A close look at MS07-010 shows that Microsoft Windows Defender in Windows Vista is indeed vulnerable to a "critical" code execution flaw that was flagged by researchers at IBM's ISS X-Force unit.

As Ed Bott correctly noted, this patch does not show up in Vista's automatic update mechanism. That's because the anti-spyware component comes with its own auto-update system that will pull down the patch independently. All the vulnerable products -- OneCare, Antigen, ForeFront and Windows Defender -- will get the patched scan engine automatically.

This is in effect the first remote code execution vulnerability to affect Vista since the operating system hit retail stores and it should not be pooh-poohed. The flaw is an integer overflow that leads to heap corruption when Microsoft's core anti-virus engine scans a dirty PDF file. As proven recently, maliciously rigged PDF files can trigger PC takeover attacks so the potential for real damage here is high.

Some other Patch Tuesday leftovers, via an interviewed I did yesterday with Mark Griesi, program manager in the MSRC (Microsoft Security Response Center):

  • All the under-attack Microsoft Office (Word and Excel) vulnerabilities have been fixed with MS07-014 and MS07-015.
  • The privilege elevation vulnerability confirmed in Windows Vista is still under investigation. It's been 60 days and counting since the release of proof-of-concept exploits for this flaw.
  • Also unpatched is a critical PowerPoint vulnerability that was reported to Microsoft since July 2006, seven months ago. FrSirt has the skinny.
  • In addition to the Word and Office patches, pay special attention to MS07-016, which covers three serious Internet Explorer bugs. All three flaws can be exploited by simply luring a surfer to a malicious Web page. IE 7 users are at risk too.

Also see Larry Dignan's riff on the problems associated with a strict monthly patch release cycle and the Internet Storm Center's recommendations on prioritizing the February updates.

Topics: Windows, Microsoft, Security

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.