This Tuesday Microsoft issued information on 12 security bulletins. The summary below provides Symantecs evaluation of some of the critical issues.
Server Service Vulnerability
Symantec Security Response rates the server service vulnerability to be the most critical of the security bulletins. This buffer overflow vulnerability in the Server service could be exploited by remote anonymous users and result in a complete system compromise. This vulnerability can be exploited via an RPC message over TCP ports 139 and 445. The possibility for a widespread worm that may leverage this vulnerability is high. This issue affects all Windows 2000, XP, and Server 2003 systems. Cross operating system exploits could be possible.
Microsoft PowerPoint Vulnerabilities
Microsoft also issued patches for multiple vulnerabilities in Microsoft PowerPoint. This bulletin corrects the zero-day PowerPoint vulnerability that was associated with Trojan.PPDropper.B. This Trojan was circulated through e-mail with a malicious PowerPoint attachment.
In addition to the PowerPoint vulnerabilities, this months series of patches includes fixes for many client-side issues affecting Internet Explorer, Microsoft Office, PowerPoint, and Outlook Express, said a Symantec spokesperson. These content parsing vulnerabilities are the primary focus for researchers and attackers alike, and we continue to see an increasing number of content borne threats as a result. As desktop applications continue to grow as a target, it is important that users continue to install available updated software patches on all applications regularly.
Symantec recommends the following actions for IT administrators:
Related links: (Open in a new window.)
www.microsoft.com/technet/security/bulletin/ms06-aug.mspx
Taken from Information Security Bulletin.