Three Visio Code Execution Vulnerabilities

Severity: Medium

10 February, 2009

Summary:

• This vulnerability affects: All current versions of Visio
• How an attacker exploits it: By enticing one of your users into opening a maliciously crafted Visio document
• Impact: An attacker can execute code, potentially gaining complete control of your users' computers
• What to do: Deploy the appropriate Visio patch as soon as possible

Exposure:

Microsoft Visio is a very popular diagramming application, which many administrators use to create network diagrams.

In a security bulletin released today, Microsoft describes three security vulnerabilities that affect all current versions of Visio (but not the standalone viewer application). Though technically different, all three vulnerabilities share the same scope and impact: By enticing one of your users into downloading and opening a maliciously crafted Visio document, an attacker can exploit any of these vulnerabilities to execute code on a victim's computer, usually inheriting that user's level of privileges and permissions. If your user has local administrative privileges, the attacker gains full control of the user's machine.

Solution Path:

Microsoft has released patches to fix these vulnerabilities. You should download, test, and deploy the appropriate Visio patch as soon as possible.

• Visio 2002
• Visio 2003
• Visio 2007

Status:

Microsoft has released patches to fix these vulnerabilities.

References:

• MS Security Bulletin MS09-005

This alert was researched and written by Corey Nachreiner, CISSP.

February's Cumulative IE Patch Corrects Two Critical Vulnerabilities

Severity: High

10 February, 2009

Summary:

• This vulnerability affects: Internet Explorer 7 and earlier versions
• How an attacker exploits it: By enticing one of your users to visit a malicious web page or link
• Impact: In the worst case, the attacker can execute code on your user's computer, gaining complete control of it
• What to do: Deploy the appropriate Internet Explorer patches immediately

Exposure:

In a security bulletin released today as part of its monthly patch update, Microsoft describes two vulnerabilities in Internet Explorer (IE) 7.0. These flaws may also affect IE 5.x and 6.x; however, Microsoft no longer supports those versions.

Though they differ technically, both vulnerabilities share the same general characteristics: IE doesn't properly handle certain HTML objects or elements, which causes memory corruption. By luring one of your users into visiting a maliciously crafted web page, an attacker can exploit either of these memory corruption vulnerabilities to execute code on that user's computer, inheriting that user's privileges. Typically, Windows users have local administrative privileges. In that case, the attacker could gain complete control of the victim's computer.

In addition to fixing these two newly announced flaws, today's Internet Explorer patch also fixes all previously known flaws.

Solution Path:

These patches fix serious issues. You should download, test, and deploy the appropriate IE patches as soon as possible.

• Internet Explorer 7.0
  • For Windows XP
  • For Windows XP x64
  • For Windows Server 2003
  • For Windows Server 2003 x64
  • For Windows Server 2003 Itanium
  • For Windows Vista
  • For Windows Vista x64
  • For Windows Server 2008
  • For Windows Server 2008 x64
  • For Windows Server 2008 Itanium

  Note: While these flaws may also affect older versions of IE, Microsoft currently only supports IE 7.0. If you use an older version, you should upgrade to 7.0, then apply this patch.

Status:

Microsoft has released patches to fix these vulnerabilities.

References:

• MS Security Bulletin MS09-002

This alert was researched and written by Corey Nachreiner, CISSP.

Reclaim Free Space on Your Hard Drive

December is a great time to clean up your hard drive. It allows you to start the New Year with plenty of drive space, and you'll have peace of mind knowing your old data has been archived and secured. Archiving is the process of permanently removing data from a drive and storing it safely on removable media—versus backing up where you consistently make identical copies of current files.

Begin the archiving process by sorting through files and moving them to a new folder. Choose the media type for your archive data: DVD Recordable (DVD-R) and Blu-ray (BD-R) are good choices because data can only be written once to these types of discs.

After you have set aside files to be archived, burn three copies of each disc. Verify all discs after burning to ensure data was written without errors. Store each disc at a different location: One copy at your office for your use; another secured offsite (home or safety deposit box); and give the last copy to your attorney or accountant to store in a locked location.

Having safely archived your data files and checked the newly created discs, you can safely delete the archived data from your hard drive.

Remember, an ounce of prevention really is worth a pound of cure.

As an reseller for DriveSavers, Inc. I hope they don't mind me using this great advise! Call 1-800-440-1904 and use the code DS15345 to get 10% off any Data Recovery Procedure from DriveSavers!