Microsoft Fixes One Critical Flaw, Zero-Day Patch Still Missing

Microsoft issued just one critical fix on its latest Patch Tuesday, in addition to distributing one patch labeled "important" and one it called "moderate." The critical bug exists in Microsoft Publisher, the company's desktop publishing program. The software giant has yet to issue a patch for a zero-day flaw detected in Microsoft Word.


Microsoft (Nasdaq: MSFT) on Tuesday released three security updates for Windows and Office to patch as many vulnerabilities, following several consecutive Patch Tuesday events that saw much larger batches of fixes. The software giant rated only one of the September patches as "critical."

Bulletin MS06-054 addresses the critical flaw. The bulletin described a bug in Microsoft Publisher, the company's desktop publishing program that is bundled with some editions of Office. The other patches issued fix flaws in various versions of Windows. Those patches were rated "important" and "moderate."

September's release stems the software giant's patch tide. Between June and August, Microsoft distributed a whopping 31 security updates to patch 62 bugs, including 41 critical fixes. However, some analysts are concerned that there should have been at least one more critical patch in the mix.

Zero-Day Exploit Targets Word

"Microsoft did not release a patch for the zero-day exploit in Microsoft Word, and it could be another month before the patch becomes available," Chris Andrew, PatchLink's vice president of security technologies, told TechNewsWorld, noting that IT administrators now face the important task of protecting the network until Microsoft releases a fix.

An IT administrator's best option for working around the vulnerability is to turn on safe mode in Microsoft Word, Andrew suggested, or use Microsoft Word Viewer to open e-mail attachments.

"IT administrators should evaluate their IT environment and make sure that a suitable firewall technology can control the inflow of documents," Andrew added. "Organizations should also communicate to the end-user community on the temporary workaround action plan."

Publishing Problems

Security analysts agree that the Microsoft Publisher vulnerability is the most dangerous of the three addressed on Patch Tuesday. That's because an attacker could take full control of the affected system if the user were logged into Windows with administrative user rights.

"An attacker could exploit this vulnerability when Publisher parses a file with a malformed string," Microsoft said in the bulletin, which explained that the bug lies in the way the application parses the files. A successful exploit would come in the form of a document sent via e-mail or via a malicious Web site.

Experts warn that IT administrators should patch all systems for this critical bulletin immediately, though Microsoft said the bug has not been exploited in the wild. That is welcome news for IT departments, which over the past few months have seen several vulnerabilities exploited before Microsoft issued a patch.

Open to Attack

MS06-052 was labeled "important." It addresses a bug in a Windows XP protocol called PGM, or Pragmatic General Multicast. Microsoft said any anonymous user who could deliver a specially crafted message to the affected system could try to exploit the vulnerability.

"For the PGM communications vulnerability, the system must have the optional PGM installed in order to be vulnerable," Andrew explained. "However, if the system does have PGM installed, the attacker only needs to route multicast packets to the affected system to remotely execute code. It is recommended that this patch be applied."

Finally, MS06-053 fixes a vulnerability in Windows' Indexing Service. The service is used to create content indexes stored in file systems and virtual Web servers. Security experts warned administrators not to relax just because Microsoft rated the patch as "moderate."

"This vulnerability allows an attacker to run a client-side script to spoof content, disclose information or behave as that user on the affected Web site. It is recommended that this patch be applied," Andrew concluded.

More by Jennifer LeClaire