[LINK] vista security security flaws
Kim Holburn
kim.holburn at gmail.com
Thu Feb 15 22:16:05 AEDT 2007
http://www.theinquirer.net/default.aspx?article=37629
> MS malware engine vulnerable to malware
>
> You couldn't make it up
>
> By Andrew Thomas: Wednesday 14 February 2007, 15:09
> OH DEAR, OH DEAR. If there was one piece of software you'd expect
> to be secure from malware attacks it would have to be malware
> protection software itself. Sadly, this is not the case with
> Microsoft Defender, the software giant's all-singing, all-dancing
> user security package.
>
> According to security bulletin CVE-2006-5270 - Microsoft Malware
> Protection Engine Vulnerability, Integer overflow in the Microsoft
> Malware Protection Engine (mpengine.dll), as used by Windows Live
> OneCare, Antigen, Defender, and Forefront Security, allows user-
> assisted remote attackers to execute arbitrary code via a PDF file.
> All the following are at risk of remote code execution:
>
> Windows Live OneCare
> Microsoft Antigen for Exchange 9.x
> Microsoft Antigen for SMTP Gateway 9.x
> Microsoft Windows Defender
> Microsoft Windows Defender x64 Edition
> Microsoft Windows Defender in Windows Vista
> Microsoft Forefront Security for Exchange Server
> Microsoft Forefront Security for SharePoint
>
> According to the bulletin – rated 'critical' – a remote code
> execution vulnerability exists in the Microsoft Malware Protection
> Engine because of the way that it parses Portable Document Format
> (PDF) files. An attacker could exploit the vulnerability by
> constructing a specially crafted PDF file that could potentially
> allow remote code execution when the target computer system
> receives, and the Microsoft Malware Protection Engine scans, the
> PDF file.
>
> To have one insecure security product could be seen as unlucky; to
> have eight looks a bit like carelessness. µ
--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3342707610
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961