lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <24498240.20361154729731636.JavaMail.juha-matti.laurio@netti.fi>
Date: Sat, 5 Aug 2006 01:15:30 +0300 (EEST)
From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Will Microsoft patch remarkable old Msjet40.dll issue?

Microsoft informs about ten existing Windows flaws and two Office flaws at
http://www.microsoft.com/technet/security/bulletin/advance.mspx

Some of the upcoming security bulletins have Critical severity.

Maybe it's time to release a fix to remarkable old Msjet40.dll issue reported by HexView as early as in March 2005.

Some background information:

In May Trojans exploited undocumented 0-day vulnerability in MS Word.
In June Trojans attacked against Excel.
July was the month of PowerPoint 0-days.

Actually there was no reports about the fourth Office case. But there was another Office case too.
It was related to Microsoft Access.

Trojan Backdoor.Pcclient.B attacked against unpatched
'Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability'
spreaded with dropper file containing Trojan.Acdropper.B.
This is not a surprise, because at least three public exploits have been published.

A coverage list of references is listed at http://www.kb.cert.org/vuls/id/176380

US-CERT doesn't list affected systems, but Access 2003, 2002 and 2002 install Msjet40.dll.

These were not the last Office issues we will see. And more is coming if old Office flaws keep unpatched in the future.

More details and some conclusions at my new entry
http://blogs.securiteam.com/?p=535


- Juha-Matti

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ