Secplicity – Security Simplified

Microsoft Corrects Vulnerabilities in MDAC and Backup Manager

Summary:

Exposure:

Today, Microsoft released two security bulletins describing three vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.

The Microsoft Data Access Components (MDAC) are a collection of Windows components that allow other programs to easily access and manipulate databases. Unfortunately, MDAC suffers from two memory-related security vulnerabilities, including a buffer overflow vulnerability. The flaws differ technically, but share the same impact. By luring one of your users into visiting a malicious web page, or visiting a legitimate page that has been hijacked, an attacker could leverage these flaws to execute code on that user’s computer, with the user’s privileges. If your users have local administrative privileges, attackers could leverage these flaws to gain complete control of their PCs.
Microsoft rating: Critical

Windows ships with Backup Manager, which allows users to restore their files to a previous point in time. It is part of Windows’ System Protection and System Restore feature. According to Microsoft, Backup Manager suffers from an insecure Dynamic Link Library (DLL) loading vulnerability, sometimes referred to as a binary planting flaw. We first described this flaw in a September Wire post, which describes this Microsoft security advisory. If an attacker can entice one of your users into opening a malicious Windows Backup (.wbcat) file from the same location as a specially crafted DLL, she could exploit this flaw to execute code on that user’s computer with full system privileges, thus gaining complete control of the computer. This particular flaw only affects the version of Backup Manager that ships with Vista. Since this type of attack requires user interaction to succeed, and only affects Vista, it poses less risk than the MDAC flaw described above.
Microsoft rating: Important
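
The Backup Manager flaw depends on a .wbcat file sitting in the same location as a DLL. The following triage sketch is an added example, not code from this alert or from Microsoft. It walks a folder tree and lists every directory that holds both, so you can review those locations on Vista systems until MS11-001 is deployed. The function names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def find_planting_candidates(root):
    """Return {directory: [DLL names]} for each directory under root that
    contains at least one .wbcat file and at least one .dll file."""
    hits = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        # Windows file names are case-insensitive, so compare in lower case.
        has_catalog = any(n.lower().endswith(".wbcat") for n in filenames)
        dlls = sorted(n for n in filenames if n.lower().endswith(".dll"))
        if has_catalog and dlls:
            hits[dirpath] = dlls
    return hits


def build_sample_tree(base):
    """Constructed sample data: three folders, only one matches the pattern."""
    layout = {
        "share/backups-2011": ["weekly.wbcat", "Helper.DLL"],  # catalog + DLL
        "share/clean": ["monthly.wbcat", "readme.txt"],        # catalog only
        "share/tools": ["util.dll"],                           # DLL only
    }
    for folder, names in layout.items():
        target = Path(base) / folder
        target.mkdir(parents=True)
        for name in names:
            (target / name).write_bytes(b"")
    return Path(base) / "share"


def demo():
    """Scan the constructed tree and return hits keyed by relative folder."""
    with tempfile.TemporaryDirectory() as tmp:
        root = build_sample_tree(tmp)
        found = find_planting_candidates(root)
        return {os.path.relpath(d, root): dlls for d, dlls in found.items()}


if __name__ == "__main__":
    for folder, dlls in demo().items():
        print(f"review {folder}: .wbcat stored next to {', '.join(dlls)}")
```

A hit is only a location to review, since a legitimate DLL can sit beside a backup catalog; the patch remains the fix.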
 

Researchers or “gray hats” have already posted exploit code for at least one of these vulnerabilities on a public exploit forum. We recommend you download and install both these updates as quickly as possible, starting with the MDAC update.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS11-002:

MS11-001:

* Note: This update doesn’t affect other versions of Windows

 

For All WatchGuard Users:

In most cases, these attacks travel as normal-looking HTTP traffic, which you must allow if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

Status:

Microsoft has released patches correcting these issues.

References:

This alert was researched and written by Corey Nachreiner, CISSP.
