Security Alerts for IE and DirectX 7.0

[metadigital]

Wednesday 12th October 2005

Nine new updates in Microsoft's latest security bulletin 10:31AM

The latest monthly security bulletin from Microsoft reveals no fewer than nine vulnerability updates in October's patch Tuesday. Of these, three are regarded as critical, although in two of these cases, the patches replace previous versions.

 

The new spate of security updates follows a quiet September when Microsoft reported no new vulnerabilities. Although it is impossible to predict what might turn up in the future, the replacement cumulative patches and the absence of patches in September suggests that Microsoft may at last be getting on top of the security issue.

 

In the October bulletin, one of the critical vulnerabilities is in DirectShow - part of DirectX version 7.0 onwards and affects users who have administrative user rights. An attacker who successfully exploited the vulnerability could take complete control of an affected system.

 

Microsoft has also revealed that there is a double whammy in the Distributed Transaction Coordinator (MSDTC) and COM+ used in Windows. The vulnerabilities in these services can allow both remote code execution and local elevation of privilege that could allow an attacker to take complete control of the affected system

 

For the average user, the most important is a cumulative patch for Internet Explorer. According to the update, The Microsoft DDS Library Shape Control (Msdds.dll) and other COM objects in Internet Explorer could allow an attacker to take complete control of an affected system.

 

Among the 'Important' category of security updates this month is a problem with client services for Netware, Microsoft Collaboration Data Objects and the Windows Shell that could allow remote execution of code. There is also vulnerability with Plug and Play that could allow a local elevation of privileges. However, in this case, an attacker will need to be able to log in to the system legitimately.

 

Finally there are two 'moderate' vulnerabilities that could allow an attacker to redirect an FTP download and a problem with the Network Connection Manager that could leave a network open to a denial of service attack.