http://blogs.technet.com/msrc/archive/2010/03/29/internet-explorer-cumulative-update-releasing-out-of-band.aspx
Internet Explorer Cumulative Update Releasing Out-of-Band
Today we issued our Advanced Notification Service (ANS) to advise
customers that we will be releasing security update MS10-018 tomorrow,
March 30, 2010, at approximately10:00 a.m. PDT (UTC-8). MS10-018
resolves Security Advisory 981374,
addressing a publicly disclosed vulnerability in Internet Explorer 6
and Internet Explorer 7. Internet Explorer 8 is unaffected by the
vulnerability addressed in the advisory and we continue to encourage
all customers to upgrade to this version to benefit from the improved
security protection it offers.
We
recommend that customers install the update as soon as it is available.
Once applied, customers are protected against the known attacks related
to Security Advisory 981374. We have been monitoring this issue and
have determined an out-of-band release is needed to protect customers.
For customers using automatic updates, this update will automatically
be applied once it is released. Additionally,
because Security Bulletin MS10-18 is a cumulative update, it will also
address nine other vulnerabilities in Internet Explorer that were
planned for release on April 13.
Please
join us Tuesday, March 30 at 1:00 p.m. PST (UTC -8) for a public
webcast where we will present information on the bulletin and take
customer questions. Registration information:
Original URL
http://www.microsoft.com/technet/security/advisory/981374.mspx
Update March 31
> MULTI-STATE INFORMATION SHARING AND ANALYSIS CENTER CYBER SECURITY
> ADVISORY
> MS-ISAC ADVISORY NUMBER:
> 2010-023
> DATE(S) ISSUED:
> 3/30/2010
>
> SUBJECT:
> Multiple Vulnerabilities in Internet Explorer Could Allow Remote
> Code Execution (MS10-018)
>
> OVERVIEW:
> Ten vulnerabilities have been discovered in Microsoft’s web browser,
> Internet Explorer, which could allow an attacker to take complete c
> ontrol of an affected system. Exploitation may occur if a user visit
> s or is redirected to a web page which is specifically crafted to ta
> ke advantage of these vulnerabilities. Successful exploitation of th
> ese vulnerabilities could result in an attacker gaining the same pri
> vileges as the logged on user. Depending on the privileges associate
> d with the user, an attacker could then install programs; view, chan
> ge, or delete data; or create new accounts with full user rights.
>
> SYSTEMS AFFECTED:
> Windows 2000
> Windows 2003
> Windows XP
> Windows Vista
> Windows 7
> Windows Server 2008
> Internet Explorer 5
> Internet Explorer 6
> Internet Explorer 7
> Internet Explorer 8
> RISK:
> Government:
> Large and medium government entities: High
> Small government entities: High
>
> Businesses:
> Large and medium business entities: High
> Small business entities: High
>
> Home users: High
>
> DESCRIPTION:
> Ten vulnerabilities have been discovered in Microsoft Internet
> Explorer. Details of these vulnerabilities are as follows:
>
> Three Uninitialized Memory Corruption Vulnerabilities
> Three remote code execution vulnerabilities exist in the way that
> Internet Explorer accesses an object that has not been correctly
> initialized or has been deleted. Exploitation may occur if a user
> visits or is redirected to a web page which is specifically crafted
> to take advantage of these vulnerabilities. Successful exploitation
> of these vulnerabilities could result in an attacker gaining the
> same privileges as the logged on user. Depending on the privileges
> associated with the user, an attacker could then install programs;
> view, change, or delete data; or create new accounts with full user
> rights.
>
> Please note that one of these three vulnerabilities (CVE-2010-0806)
> was originally discussed in CSCIC advisory number 2010-021. We have
> updated our advisory to reflect that this patch is now available and
> are issuing this advisory to discuss the entirety of the Microsoft
> out of band release MS10-018.
>
> It is also important to note that if you applied the workarounds
> provided for CVE-2010-0806 then you must reverse them before
> applying the patch provided by Microsoft. Please follow the
> following instructions provided by Microsoft to reverse the
> workaround:
>
> http://www.microsoft.com/technet/security/advisory/981374.mspx
>
> Two HTML Object Memory Corruption Vulnerabilities
> Two remote code execution vulnerabilities exist in the way that
> Internet Explorer accesses an object that has not been correctly
> initialized or has been deleted. Exploitation may occur if a user
> visits a web page which is specifically crafted to take advantage of
> these vulnerabilities. Successful exploitation of these
> vulnerabilities could result in an attacker gaining the same
> privileges as the logged on user. Depending on the privileges
> associated with the user, an attacker could then install programs;
> view, change, or delete data; or create new accounts with full user
> rights.
>
> Race Condition Memory Corruption Vulnerability
> A remote code execution vulnerability exists in the way that
> Internet Explorer accesses an object that may have been corrupted
> due to a race condition. Exploitation may occur if a user visits a
> web page which is specifically crafted to take advantage of this
> vulnerability. Successful exploitation of this vulnerability could
> result in an attacker gaining the same privileges as the logged on
> user. Depending on the privileges associated with the user, an
> attacker could then install programs; view, change, or delete data;
> or create new accounts with full user rights.
>
> Memory Corruption Vulnerability
> A remote code execution vulnerability exists in the way that
> Internet Explorer manages a long URL in certain situations.
> Exploitation may occur if a user visits a web page which is
> specifically crafted to take advantage of this vulnerability.
> Successful exploitation of this vulnerability could result in an
> attacker gaining the same privileges as the logged on user.
> Depending on the privileges associated with the user, an attacker
> could then install programs; view, change, or delete data; or create
> new accounts with full user rights.
>
> HTML Rendering Memory Corruption Vulnerability
> A remote code execution vulnerability exists in the way that
> Internet Explorer accesses an object that has been deleted.
> Exploitation may occur if a user visits a web page which is
> specifically crafted to take advantage of this vulnerability.
> Successful exploitation of this vulnerability could result in an
> attacker gaining the same privileges as the logged on user.
> Depending on the privileges associated with the user, an attacker
> could then install programs; view, change, or delete data; or create
> new accounts with full user rights.
>
> Post Encoding Information Disclosure Vulnerability
> An information disclosure vulnerability exists in the way that
> Internet Explorer handles content using specific encoding strings
> when submitting data. Exploitation may occur if a user visits a web
> page which is specifically crafted to take advantage of these
> vulnerabilities. Successful exploitation of this vulnerability could
> result in an attacker viewing content from the local computer or
> another browser window in another domain or Internet Explorer zone.
>
> HTML Element Cross-Domain Vulnerability
> An information disclosure vulnerability exists in Internet Explorer
> that could allow script to gain access to a browser window in
> another domain or Internet Explorer zone. Exploitation may occur if
> a user visits a web page which is specifically crafted to take
> advantage of these vulnerabilities. Successful exploitation of this
> vulnerability could result in an att
acker viewing content from the
> local computer or another browser window in another domain or
> Internet Explorer zone.
>
> RECOMMENDATIONS:
> We recommend the following actions be taken:
> Apply appropriate patches provided by Microsoft to vulnerable
> systems immediately after appropriate testing.
> Run all software as a non-privileged user (one without
> administrative privileges) to diminish the effects of a successful
> attack.
> Remind users not to visit un-trusted websites or follow links
> provided by unknown or un-trusted sources.
> Inform and educate users regarding the threats posed by attachments
> and hypertext links contained in emails especially from un-trusted
> sources.
>
> REFERENCES:
> Microsoft:
> http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx
> http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx
> http://blogs.technet.com/msrc/archive/2010/03/29/internet-explorer-cumulative-update-releasing-out-of-band.aspx
>
> CVE:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0267
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0488
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0489
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0490
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0491
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0492
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0494
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0805
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0806
>
> Secunia:
> http://secunia.com/advisories/38860
>
>
>
>
>