Alert GCSA-08084 - Vulnerability in Microsoft Windows Messenger
******************************************************************
Alert ID : GCSA-08084
Date : 13 August 2008
Title : Vulnerability in Microsoft Windows Messenger (MS08-050)
******************************************************************
:: Problem description
A vulnerability has been found in Microsoft Windows Messenger that
could be exploited by a remote attacker to gain access to
sensitive information.
The vulnerability is caused by the ActiveX control "Messenger.UIAutomation.1"
being marked "safe-for-scripting". It could allow an attacker to obtain
the privileges of the user logged on to Windows Messenger and so capture
the user's logon ID, log on remotely to the user's Messenger client,
change status, obtain contact information, and start audio and video
chat sessions without the logged-on user noticing.
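The exposure described above can be checked on a host. The PowerShell below is an added example, not part of the original alert or of Microsoft's bulletin: it resolves the ProgID named above to its CLSID from the local registry and reports whether the class is registered in the safe-for-scripting category and whether Internet Explorer's kill bit is set for it. The function name Get-ActiveXExposure is hypothetical; the category GUIDs and the 0x400 flag are the standard documented ActiveX values, not values taken from this alert.

```powershell
# Added example (not from the alert): report how the control is exposed to script.
$ProgId = 'Messenger.UIAutomation.1'     # ProgID named in the alert
# Standard component-category IDs for ActiveX object safety (not from the alert)
$SafeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C82C4}'
$SafeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C82C4}'
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE from loading a control

# Hypothetical helper name. Reads HKLM only, so per-user (HKCU) registrations
# and safety claimed at run time through IObjectSafety are not seen.
function Get-ActiveXExposure([string]$ProgId) {
    # Native registry view first, then the 32-bit view present on x64 systems
    $views = 'HKEY_LOCAL_MACHINE\SOFTWARE', 'HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node'
    foreach ($view in $views) {
        $progKey = "Registry::$view\Classes\$ProgId\CLSID"
        if (-not (Test-Path -LiteralPath $progKey)) { continue }
        $clsid = (Get-Item -LiteralPath $progKey).GetValue('')   # default value
        if (-not $clsid) { continue }

        $cats   = "Registry::$view\Classes\CLSID\$clsid\Implemented Categories"
        $compat = "Registry::$view\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
        $flags  = 0
        if (Test-Path -LiteralPath $compat) {
            $value = (Get-Item -LiteralPath $compat).GetValue('Compatibility Flags')
            if ($null -ne $value) { $flags = [int]$value }
        }
        New-Object PSObject -Property @{
            View                = $view
            Clsid               = $clsid
            SafeForScripting    = (Test-Path -LiteralPath "$cats\$SafeForScripting")
            SafeForInitializing = (Test-Path -LiteralPath "$cats\$SafeForInitializing")
            KillBitSet          = (($flags -band $KillBit) -ne 0)
        }
    }
}

$result = @(Get-ActiveXExposure $ProgId)
if ($result.Count -eq 0) {
    "$ProgId is not registered under HKLM on this host"
} else {
    $result | Format-List View, Clsid, SafeForScripting, SafeForInitializing, KillBitSet
}
```

A row with SafeForScripting = True and KillBitSet = False means web content in Internet Explorer can instantiate and script the control; whether the installed control is the patched build still has to be confirmed against the updates listed under Solutions.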
:: Affected platforms and software
- Microsoft Windows Messenger 4.x
- Microsoft Windows Messenger 5.x
:: Impact
- Data manipulation
- Access to sensitive information
:: Solutions
Apply the patches
-- Windows Messenger 4.7 --
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=8f588f7e-c4ed-42a0-b157-54b1eda60474
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=a5fc5457-832f-4ee8-be60-4cc8518d1c10
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=302315a8-ccb2-47c2-9104-b8e1d1f49aa0
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=be94d138-7d7b-489e-baa6-e214950be6b9
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=e4b72618-536b-4a21-bd91-d91be9ca24e5
-- Windows Messenger 5.1 --
Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
:: References
Microsoft:
http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2354
Secunia:
http://secunia.com/advisories/31446/
CVE Mitre:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0082