Microsoft Black Tuesday - November 2006

Michael Sutton's Blog

Home
Contact

Syndication

Archives

Microsoft came out with a moderate collection of vulnerabilities for the month of November. The six security bulletins included a total of nine vulnerabilities with the following breakdown for maximum severity:

7 Critical
1 Important
1 Moderate

This month's bulletins included patches for three public vulnerabilities for which public exploit code is already available. More importantly, Microsoft admits to being aware of exploitation using all three of these vulnerabilities. The following known issues received patches:

An ActiveX vulnerability in Microsoft XML Core Services was patched in MS06-071
Two DirectAnimation ActiveX vulnerabilities (CVE-2006-4777 and CVE-2006-4446) were addressed in MS06-067.

See the summary below for links to the public exploit code for these issues.

This month's bulletins did not address at least one known vulnerability for which exploitation has occurred. On October 31, 2006, Microsoft acknowledged a vulnerability in the WMI Object Broker ActiveX control packaged with Visual Studio 2005, which can lead to remote code execution. No word yet on when a patch will be available for this issue.

Below is a cheat sheet for all 9 vulnerabilities.

Enjoy!

- michael

Bulletin	Title
MS06-066	Microsoft Client Service for NetWare Memory Corruption Vulnerability CVE-2006-4688 Important Discovered By: Peter Winter-Smith of NGS Software Sam Arun Raj of McAfee Public: No Exploited: No
MS06-066	NetWare Driver Denial of Service Vulnerability CVE-2006-4689 Moderate Discovered By: Sam Arun Raj of McAfee Public: No Exploited: No
MS06-067	DirectAnimation ActiveX Controls Memory Corruption Vulnerability CVE-2006-4777 Critical Exploit: daxctle2.c Public: Yes Exploited: Yes
MS06-067	DirectAnimation ActiveX Controls Memory Corruption Vulnerability CVE-2006-4446 Critical Exploit: 19738.html Public: Yes Exploited: Yes
MS06-067	HTML Rendering Memory Corruption Vulnerability CVE-2006-4687 Critical Discovered By: Sam Thomas, working with TippingPoint and the Zero Day Initiative Public: No Exploited: No Advisories: ZDI-06-041
MS06-068	Microsoft Agent Memory Corruption Vulnerability CVE-2006-3445 Critical Public: No Exploited: No
MS06-069	Macromedia Flash Player Vulnerabilities CVE-2006-3014 CVE-2006-3311 CVE-2006-3587 CVE-2006-3588 CVE-2006-4640 Critical Discovered By: Stuart Pearson of Computer Terrorism Public: Yes Exploited: No Advisories: Adobe Security Bulletin APSB06-11
MS06-070	Workstation Service Memory Corruption Vulnerability CVE-2006-4691 Critical Discovered By: eEye Public: No Exploited: No Advisories: AD20061114
MS06-071	Microsoft XML Core Services Vulnerability CVE-2006-5745 Critical Discovered By: Robert Freeman of ISS Dror Shalev and Moti Jospeh of Checkpoint Exploits: 20915.html 20915-1.html 20915-2.html Public: Yes Exploited: Yes

Posted 11-14-2006 2:26 PM by erik.peterson

Comments

Vasu wrote re: Microsoft Black Tuesday - November 2006

on 11-16-2006 9:31 AM

MS06-070 Workstation Service Memory Corruption Vulnerability

CVE-2006-4691

Critical

Discovered By: eEye

Public: YES

Exploited: No

erik.peterson wrote re: Microsoft Black Tuesday - November 2006

on 11-16-2006 10:02 AM

Thanks Vasu - I base the Public field on whether or not the vulnerability was publicly known at the time of the Microsoft Security Bulletin, which is why it is marked as 'No'. I then add any third party advisories as they become available. I've now added the eEye advisory - thanks for pointing that out.

- michael

Syndication

Recent Posts

Archives

Comments