Three MS Security Bulletins issued today. Two are rated critical, one is rated important. All are 'Remote Code Execution' vulnerabilities. A Malicious Software Removal Tool was also released, this is in addition to the Microsoft AntiSpyware Tool released last week.
A cross-domain vulnerability exists in HTML Help ActiveX control that could allow information disclosure or remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Microsoft HTML Help is the standard help system for the Windows platform. The HTML Help ActiveX control is a program that is used to insert help navigation and secondary window functionality into an HTML file
The vulnerability is due to the way that the HTML Help ActiveX control processes cross domain requests.
An attacker who successfully exploited this vulnerability could run malicious script code in the Local Machine security zone in Internet Explorer. This could allow an attacker to take complete control of the affected system
Flashsky has reported some vulnerabilities in Microsoft Windows, allowing malicious people to compromise a vulnerable system or cause a DoS (Denial of Service).
The vulnerability is caused due to an integer overflow in the LoadImage API which can be exploited to cause a heap based buffer overflow. This can be exploited through a website by using maliciously crafted icon, cursor, animated cursor, or bitmap files.
Successful exploitation allows execution of arbitrary code.
- Some errors in the Windows Kernel when parsing ANI files may cause the system to crash. This can be exploited through specially crafted ANI files.
The vulnerabilities is caused due to a heap overflow and an integer overflow in "winhlp32.exe" when handling HLP files. This can be exploited through specially crafted HLP files.
All versions of Microsoft Windows are affected except Microsoft Windows XP with Service Pack 2.
A vulnerability has been reported in Microsoft Windows XP and 2003, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unchecked buffer in the indexing service. This can be exploited to execute arbitrary code through a malicious query.
Note: This vulnerability has been set to "From Remote" because the indexing service can be configured to be accessible through Internet Information Services (IIS).