From: Secunia Security Advisories (sec-advsecunia.com)
Date: Wed Oct 15 2003 - 15:44:10 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Microsoft Windows May Allow Installation of Arbitrary ActiveX
Controls

SECUNIA ADVISORY ID:
SA10010

VERIFY ADVISORY:
http://www.secunia.com/advisories/10010/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows NT 4.0 Workstation
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

DESCRIPTION:
Microsoft has issued patches to fix a vulnerability in Microsoft
Windows (Internet Explorer) allowing malicious HTML documents like
web pages or emails to install arbitrary ActiveX controls.

The problem is that Microsoft Windows fails to present the user with
an approval dialog under certain low memory conditions. When this
occurs ActiveX controls will be installed silently. Malicious HTML
documents may be able to cause low memory conditions.

This vulnerability can't be exploited on Microsoft Windows 2003 if
Internet Explorer runs in Enhanced Security Configuration.

SOLUTION:
Microsoft has issued patches:

The patches are available from WindowsUpdate or from:

Microsoft Windows NT Workstation 4.0, Service Pack 6a
http://www.microsoft.com/downloads/details.aspx?FamilyId=921466F5-BC40-4E8E-BB57-6B81B57C21B6&displaylang=en

Microsoft Windows NT Server 4.0, Service Pack 6a
http://www.microsoft.com/downloads/details.aspx?FamilyId=21F64FF0-9175-42BE-A8E4-BDC59A98BDF2&displaylang=en

Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
Pack 6
http://www.microsoft.com/downloads/details.aspx?FamilyId=C6688576-4682-4A30-BBD7-1817F2944890&displaylang=en

Microsoft Windows 2000, Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=C862E049-58B2-4486-8D98-23183D7EE17D&displaylang=en

Microsoft Windows 2000, Service Pack 3, Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=90D27AEC-7D2A-45FD-B85A-E98E574338F1&displaylang=en

Microsoft Windows XP Gold, Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=6CDF5303-D767-4D68-9BA7-055E93E87847&displaylang=en

Microsoft Windows XP 64-bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=D92EF2E8-C03A-43C0-B428-D76C4B669151&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11&displaylang=en

Microsoft Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=135D8C00-7B4B-4C21-8EAA-D58814635E0D&displaylang=en

Microsoft Windows Server 2003 64-bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=4DFF5AAB-FA62-4B81-9C08-5C9FCB905E11&displaylang=en

ORIGINAL ADVISORY:
Vulnerability in Authenticode Verification Could Allow Remote Code
Execution
http://www.microsoft.com/technet/security/bulletin/MS03-041.asp

OTHER REFERENCES:
http://support.microsoft.com/default.aspx?kbid=823182

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]