Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: MS05-053 - More Graphic Rendering Buffer Overflow Vulnerabilities SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS05-053 - More Graphic Rendering Buffer Overflow Vulnerabilities
Microsoft Security Bulletin MS05-053has been released.

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

See Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
Published: November 8, 2005

Graphics Rendering Engine - CAN-2005-2123
Windows Metafile Vulnerability - CAN-2005-2124
Enhanced Metafile Vulnerability - CAN-2005-0803

The update replaces MS03-045 and MS05-002 on Windows XP Service Pack 1.

There is a workaround,  "Microsoft Outlook 2002 users who have applied Office XP Service Pack 1 or a later version and Microsoft Outlook Express 6 users who have applied Internet Explorer 6 Service Pack 1 or a later version", MS says "Read e-mail messages in plain text format" ... "to help protect yourself from the HTML e-mail attack vector", as outlined in Article ID:307594 - Description of a new feature that users can use to read non-digitally-signed e-mail or nonencrypted e-mail as plain text in Office XP SP-1

I'll also note here that in the many previous instances of this type of buffer overflow it was common for protection to already exist in many environments. If you cannot deploy the patches rapidly please consult with your individual AV and security software vendors and ask if their security solution provides generic buffer overflow protection against these vulnerabilities.

193 Posts
Nov 8th 2005

Sign Up for Free or Log In to start participating in the conversation!