contents

software
 
3Com's Zero Day Initiative Uncovers Two Microsoft Vulnerabilities

3Com and its TippingPoint division have announced that two critical new Microsoft vulnerabilities were discovered and disclosed through the Zero Day Initiative (ZDI). Through ZDI, 3Com notified Microsoft of the vulnerabilities, who worked quickly to issue a corresponding patch today in this month's Microsoft bulletins, eliminating the threat of a zero day attack. Through the Digital Vaccine update service, TippingPoint Intrusion Prevention Systems (IPS) provided protection for these vulnerabilities and all other critical bulletins announced by Microsoft.

The two critical vulnerabilities fixed were both in Microsoft's Internet Explorer browser (MS06-021: CVE-2006-2382 and CVE-2006-1303) and could have allowed an attacker to take complete control over a victim's computer if that user was logged in with administrative rights. Upon validating the vulnerabilities, 3Com reported the issues to Microsoft, which in turn has applied the necessary resources to address the vulnerability and issued the patch. 3Com customers using the TippingPoint IPS were preemptively protected against potential zero day attacks targeting the vulnerability.

The Microsoft Word vulnerability (MS06-027) also has been patched, already had been exploited in the wild to install malicious programs on users' systems. TippingPoint customers have been protected from exploitation of this vulnerability since May 23, 2006.

The goal of the Zero Day Initiative is to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. A zero day vulnerability is one that is unknown or one that has been publicly disclosed without a corresponding patch. Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities. 3Com notifies the affected vendor so a patch can be developed, and the researcher agrees to keep the information confidential until the patch is issued so affected organizations are not at risk. In addition to protecting all users from zero day threats by ensuring information is kept confidential until a patch is issued, TippingPoint customers are protected against zero day attacks through security filters delivered through the Digital Vaccine service.

In addition to protecting customers from the Internet Explorer vulnerabilities, TippingPoint Intrusion Prevention Systems were inoculated against issues in all of today's critical severity Microsoft bulletins through the Digital Vaccine service. Today marks the most vulnerabilities ever fixed at one time by Microsoft. The TippingPoint IPS provides protection for the following security bulletins announced by Microsoft:

(1) MS06-021
Cumulative Security Update for Internet Explorer
(Rating: Critical)

(2) MS06-022
Vulnerability in ART Image Rendering Could Allow Remote Code Execution
(Rating: Critical)

(3) MS06-023
Vulnerability in Microsoft JScript Could Allow Remote Code Execution
(Rating: Critical)

(4) MS06-024
Vulnerability in Windows Media Player Could Allow Remote Code
Execution
(Rating: Critical)

(5) MS06-025
Vulnerability in Routing and Remote Access Could Allow Remote Code
Execution
(Rating: Critical)

(6) MS06-026
Vulnerability in Graphics Rendering Engine Could Allow Remote Code
Execution
(Rating: Critical)

(7) MS06-027
Vulnerability in Microsoft Word Could Allow Remote Code Execution
(Rating: Critical)

(8) MS06-028
Vulnerability in Microsoft PowerPoint Could Allow Remote Code
Execution
(Rating: Critical)

(9) MS06-029
Vulnerability in Microsoft Exchange Server Running Outlook Web
Access Could Allow Script Injection
(Rating: Important)

(10) MS06-032
Vulnerability in TCP/IP Could Allow Remote Code Execution
(Rating: Important).



write your comments about the article :: 2006 Computing News :: home page