SANS ISC: Microsoft July Security Bulletin Review

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

A quick little, "where are we now" review.

Initial July Microsoft announcement:
http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx

MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283)
CVE-2006-1300
CVSS base: 2.3

MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537)
CVE-2006-0026
CVSS base: 4.2
initial ISC announement: http://isc.sans.org/diary.php?storyid=1473
reported to have some patch issues: http://isc.sans.org/diary.php?storyid=1481
http://support.microsoft.com/kb/917537
Microsoft updated the .cab file: http://isc.sans.org/diary.php?storyid=1494
http://blogs.technet.com/msrc/archive/2006/07/18/442388.aspx
exploit code is available

MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159)
aka "Mailslot"
CVE-2006-1314
CVSS base: 7.0
CVE-2006-1315
CVSS base: 2.3
initial ISC announement: http://isc.sans.org/diary.php?storyid=1471
exploit code is available

MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388)
CVE-2006-2372
CVSS base: 7.0 temporal: 5.8
initial ISC announement: http://isc.sans.org/diary.php?storyid=1472
exploit code is available: http://isc.sans.org/diary.php?storyid=1502

MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
CVE-2006-1301
CVE-2006-1302
CVE-2006-1304
CVE-2006-1306
CVE-2006-1308
CVE-2006-1309
CVE-2006-2388
CVE-2006-3059
CVSS base: 5.6
initial ISC announement: http://isc.sans.org/diary.php?storyid=1474

MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284)
CVE-2006-1316 ? Microsoft Office Parsing Vulnerability
CVSS base: 5.6
CVE-2006-1540 ? Microsoft Office Malformed String Parsing Vulnerability
CVSS base: 1.1
CVE-2006-2389 ? Microsoft Office Property Vulnerability
CVSS base: 6.5
initial ISC announement: http://isc.sans.org/diary.php?storyid=1475

MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
CVE-2006-0033
CVSS base: 3.7
CVE-2006-0007
CVSS base: 5.6
initial ISC announement: http://isc.sans.org/diary.php?storyid=1476