addressing problems with WordPad, DHCP, HyperTerminal, Windows Kernel and WINS.
Security Bulletin MS04-041 concerns vulnerabilities in WordPad that could have potentially allowed a remote user to execute arbitrary code. The Table Conversion Vulnerability and the Font Conversion Vulnerability, on their own or in combination, could ultimately allow an attacker who successfully exploits them to take control of a system.
MS04-042 addresses the Logging and DHCP
NT 4.0. Other flavors of Windows, including Windows 98, 2000, Server 2003 and XP SP1 and SP2, are not affected. In the Logging vulnerability, a Denial of Service exists that could allow an attacker to send a specially crafted DHCP message to a DHCP server, said the Microsoft bulletin.
In the DHCP Request vulnerability, a remote code execution vulnerability exists that could allow an attacker to send a specially crafted DHCP message to a DHCP server, according to the bulletin. However, said Microsoft, attempts to exploit this vulnerability would most likely result in a DoS of the DHCP Server service.
The HyperTerminal Vulnerability affects all versions of Windows except for Windows 98, 98SE and ME.
“A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun,” according to Security Bulletin MS04-043. “An attacker could exploit the vulnerability by constructing a malicious HyperTerminal session file that could potentially allow remote code execution. An attacker could then persuade a user to open this file.”
Microsoft grouped the Windows Kernel Vulnerability together with the LSASS Vulnerability in Security Bulletin MS04-044.
The two vulnerabilities allow for a privilege elevation that would permit an attacker to compromise a system.
The final patch corrects a flaw in WINS that was first detected at the beginning of December. The Name Validation Vulnerability, according to Security Bulletin MS04-045, could allow an attacker to exploit the vulnerability by constructing a malicious network packet that could potentially allow remote code execution on an affected system.
The other vulnerability cited in this bulletin, the Association Context Vulnerability, could allow an attacker to construct “a malicious network packet that could potentially allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, attempts to exploit this vulnerability would most likely result in a denial of service on Windows Server 2003. The service would have to be restarted to restore functionality. that alone or in combination could allow a system to be violated.”
There were no specific Microsoft Internet Explorer patches in this latest update cycle from Redmond. The last patch was released out of cycle on Dec. 1 to correct an IFRAME vulnerability.