Last week, Microsoft issued information on five new security bulletins, which encompass 14 vulnerabilities. Symantec Security Response identified three of the updates to be critical. The following summary provides Symantec's evaluation of two of the most critical issues.
Cumulative security update for Microsoft Internet Explorer
Last week, Microsoft issued patches for 10 vulnerabilities in Internet Explorer. Most of the issues are critical, and attackers are actively exploiting three of the vulnerabilities. Some of these vulnerabilities affect versions of Internet Explorer dating back to 5.0. Because Outlook Express utilises Internet Explorer to process HTML e-mails, users of this e-mail program may also be affected by some of the issues.
Vulnerability in MDAC function
Symantec Security Response rates the vulnerability in the MDAC function to be the most critical of the security bulletins. This vulnerability exists in the RDS.Dataspace ActiveX object that is provided as part of the ActiveX Data Objects (ADO) and is distributed in MDAC.
A successful attack would result in possible remote code execution in Internet Explorer, causing the browser to automatically run programs and code without the user's consent. This could completely compromise a system. Affected systems include Windows 2000 Professional, Windows 2000 Server, Windows NT, Windows NT TS, Windows Server 2003, Windows Server 2003, Windows Server 2003 SP1, Windows XP and Windows XP SP2.
"According to the latest Symantec Internet Security Threat Report, the average time between the release of a security patch, and the development of an exploit is six days," said Oliver Friedrichs, director, Symantec Security Response.
"In this case, three of today's security vulnerabilities were already being actively exploited by attackers even prior to the issuance of these patches. Symantec encourages all users of Microsoft Windows, Internet Explorer and Outlook Express to update their software as soon as possible."
Symantec recommends the following actions for IT administrators:
* Evaluate the possible impact of these vulnerabilities to critical systems.
* Plan for required responses including patch deployment and implementation of security best practices using the appropriate security and availability solutions.
* Take proactive steps to protect the integrity of networks and information.
* Verify that appropriate data backup processes and safeguards are in place and effective.
* Remind users to exercise caution in opening all unknown or unexpected e-mail attachments and in following Web links from unknown or unverified sources.
Symantec recommends the following actions for consumers:
* Regularly run Windows Update and install the latest security updates to keep software up to date.
* Avoid opening unknown or unexpected e-mail attachments or following Web links from unknown or unverified sources.
* Use an Internet security solution such as Norton Internet Security to protect against today's known and tomorrow's unknown threats.
Additional information can be found at: http://www.microsoft.com/athome/security/update/bulletins/200604.mspx
Symantec's security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.
Share
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, California, Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Centre at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.
Editorial contacts