Secplicity - Security Simplified

Powered by WatchGuard Technologies

Microsoft Corrects Vulnerabilities in MDAC and Backup Manager

January 11, 2011 By Corey Nachreiner

Summary:

  • These vulnerabilities affect: All current versions of Windows and components that ship with it
  • How an attacker exploits them: Multiple vectors of attack, including enticing your users into visiting malicious websites or opening specially crafted files
  • Impact: In the worst case, an attacker can gain complete control of your Windows computer
  • What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you

Exposure:

Today, Microsoft released two security bulletins describing three vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.

  • MS11-002: MDAC Code Execution Vulnerabilities
The Microsoft Data Access Components (MDAC) are a collection of Windows components that allow other programs to easily access and manipulate databases. Unfortunately, MDAC suffers from two memory-related security vulnerabilities, including a buffer overflow vulnerability. The flaws differ technically, but share the same impact. By luring one of your users into visiting a malicious web page, or visiting a legitimate page that has been hijacked, an attacker could leverage these flaws to execute code on that user’s computer, with the user’s privileges. If your users have local administrative privileges, attackers could leverage these flaws to gain complete control of their PCs.
Microsoft rating: Critical
  • MS11-001: Backup Manager Insecure Library Loading Vulnerability
Windows ships with Backup Manager, which allows users to restore their files to a previous point in time. It is part of Windows’ System Protection and System Restore feature. According to Microsoft, Backup Manager suffers from an insecure Dynamic Link Library (DLL) loading vulnerability, sometimes referred to as a binary planting flaw. We first described this flaw in a September Wire post, which describes this Microsoft security advisory. If an attacker can entice one of your users into opening a malicious Windows Backup (.wbcat) file from the same location as a specially crafted DLL, she could exploit this flaw to execute code on that user’s computer with full system privileges, thus gaining complete control of the computer. This particular flaw only affects the version of Backup Manager that ships with Vista. Since this type of attack requires user interaction to succeed, and only affects Vista, it poses less risk than the MDAC flaw described above.
Microsoft rating: Important
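
The MS11-001 condition described above (a .wbcat file sitting in the same folder as a DLL) can be audited on file shares and download folders. The following is an added example, not part of the original alert or Microsoft's guidance; the function names and the sample file names are constructed for illustration, and a hit is a lead for review rather than proof of a planted library.

```python
import os
import tempfile

# Extensions taken from the alert: Windows Backup catalog files and DLLs.
DOC_EXTS = {".wbcat"}
LIB_EXTS = {".dll"}


def _matching(files, exts):
    """Return the file names whose extension (case-insensitive) is in exts."""
    return sorted(f for f in files if os.path.splitext(f)[1].lower() in exts)


def find_colocated(root, doc_exts=DOC_EXTS, lib_exts=LIB_EXTS):
    """Walk root and report every folder holding both a document type
    and a library, the layout an insecure DLL load depends on."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        docs = _matching(files, doc_exts)
        libs = _matching(files, lib_exts)
        if docs and libs:
            findings.append((dirpath, docs, libs))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: only share/restore pairs a .wbcat with a DLL."""
    layout = {
        "share/restore": ["january.wbcat", "helper.DLL"],
        "share/clean": ["february.wbcat", "notes.txt"],
        "share/bin": ["tool.dll"],
    }
    for rel, names in layout.items():
        folder = os.path.join(root, *rel.split("/"))
        os.makedirs(folder)
        for name in names:
            open(os.path.join(folder, name), "wb").close()


def demo():
    """Run the audit over the constructed tree; paths are returned relative to it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return [(os.path.relpath(d, root).replace(os.sep, "/"), docs, libs)
                for d, docs, libs in find_colocated(root)]


if __name__ == "__main__":
    for folder, docs, libs in demo():
        print(f"review {folder}: documents={docs} libraries={libs}")
```
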
 

Researchers or “gray hats” have already posted exploit code for at least one of these vulnerabilities on a public exploit forum. We recommend you download and install both these updates as quickly as possible, starting with the MDAC update.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS11-002:

  • For Windows XP (w/SP3)
    • MDAC 2.8
  • For Windows XP x64 (w/SP2)
    • MDAC 2.8
  • For Windows Server 2003 (w/SP2)
    • MDAC 2.8
  • For Windows Server 2003 x64 (w/SP2)
    • MDAC 2.8
  • For Windows Server 2003 Itanium (w/SP2)
    • MDAC 2.8
  • For Windows Vista (w/SP1 or SP2)
    • MDAC 6.0
  • For Windows Vista x64 (w/SP1 or SP2)
    • MDAC 6.0
  • For Windows Server 2008 (w/SP2)
    • MDAC 6.0
  • For Windows Server 2008 x64 (w/SP2)
    • MDAC 6.0
  • For Windows Server 2008 Itanium (w/SP2)
    • MDAC 6.0
  • For Windows 7
    • MDAC 6.0
  • For Windows 7 x64
    • MDAC 6.0
  • For Windows Server 2008 R2
    • MDAC 6.0
  • For Windows Server 2008 R2 x64
    • MDAC 6.0

MS11-001:

  • For Windows Vista (w/SP1 or SP2)
  • For Windows Vista x64 (w/SP1 or SP2)
* Note: This update doesn’t affect other versions of Windows

 

For All WatchGuard Users:

In most cases, these attacks travel as normal-looking HTTP traffic, which you must allow if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

Status:

Microsoft has released patches correcting these issues.

References:

  • Microsoft Security Bulletin MS11-001
  • Microsoft Security Bulletin MS11-002

This alert was researched and written by Corey Nachreiner, CISSP.

Filed Under: Security Bytes Tagged With: Microsoft, MS Patch Day, Updates and patches
