Date: 15 August 2012
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2012.0768
Vulnerability in Windows Common Controls Could Allow Remote
Code Execution (2720573)
15 August 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows common controls
Publisher: Microsoft
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2012-1856
Original Bulletin:
http://technet.microsoft.com/en-us/security/bulletin/MS12-060
- --------------------------BEGIN INCLUDED TEXT--------------------
Microsoft Security Bulletin MS12-060 - Critical
Vulnerability in Windows Common Controls Could Allow Remote Code Execution
(2720573)
Published Date: August 14, 2012
Version: 1.0
General Information
Executive Summary
This security update resolves a publicly disclosed vulnerability in Windows
common controls. The vulnerability could allow remote code execution if a user
visits a website containing specially crafted content designed to exploit the
vulnerability. In all cases, however, an attacker would have no way to force
users to visit such a website. Instead, an attacker would have to convince
users to visit the website, typically by getting them to click a link in an
email message or Instant Messenger message that takes them to the attacker's
website. The malicious file could be sent as an email attachment as well, but
the attacker would have to convince the user to open the attachment in order
to exploit the vulnerability.
This security update is rated Critical for all supported Microsoft software
that included the Windows common controls in their default installations. This
includes all supported editions of Microsoft Office 2003, Microsoft Office
2007; Microsoft Office 2010 (except x64-based editions); Microsoft SQL Server
2000 Analysis Services, Microsoft SQL Server 2000 (except Itanium-based
editions), Microsoft SQL Server 2005 (except Microsoft SQL Server 2005 Express
Edition, but including Microsoft SQL Server 2005 Express Edition with Advanced
Services), Microsoft SQL Server 2008, Microsoft SQL Server 2008 R2, Microsoft
Commerce Server 2002, Microsoft Commerce Server 2007, Microsoft Commerce Server
2009, Microsoft Commerce Server 2009 R2, Microsoft Host Integration Server 2004
Service Pack 1, Microsoft Visual FoxPro 8.0, Microsoft Visual FoxPro 9.0, and
Visual Basic 6.0 Runtime. For more information, see the subsection, Affected
and Non-Affected Software, in this section.
The security update addresses the vulnerability by disabling the vulnerable
version of the Windows common controls and replacing it with a new version that
does not contain the vulnerability. For more information about the
vulnerability, see the Frequently Asked Questions (FAQ) subsection for the
specific vulnerability entry under the next section, Vulnerability Information.
Affected Software
Microsoft Office 2003 Service Pack 3
Microsoft Office 2003 Web Components Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1 (32-bit Editions)
Microsoft SQL Server 2000 Service Pack 4
Microsoft SQL Server 2005 Express Edition with Advanced Services Service
Pack 4[1]
Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4[1]
Microsoft SQL Server 2005 for x64-based Systems Service Pack 4[1]
Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4[1]
Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2[2]
Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3[2]
Microsoft SQL Server 2008 for x64-based Systems Service Pack 2[2]
Microsoft SQL Server 2008 for x64-based Systems Service Pack 3[2]
Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2[2]
Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3[2]
Microsoft SQL Server 2008 R2 for 32-bit Systems[2]
Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 1[2]
Microsoft SQL Server 2008 R2 for x64-based Systems[2]
Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 1[2]
Microsoft SQL Server 2008 R2 for Itanium-based Systems[2]
Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 1[2]
Microsoft Commerce Server 2002 Service Pack 4
Microsoft Commerce Server 2007 Service Pack 2
Microsoft Commerce Server 2009
Microsoft Commerce Server 2009 R2
Microsoft Host Integration Server 2004 Service Pack 1
Microsoft Visual FoxPro 8.0 Service Pack 1
Microsoft Visual FoxPro 9.0 Service Pack 2
Visual Basic 6.0 Runtime
[1] This update is the same as the update for Microsoft Office 2003
[2] This update is the same as the update for Microsoft Office 2007
Vulnerability Information
MSCOMCTL.OCX RCE Vulnerability - CVE-2012-1856
A remote code execution vulnerability exists in the Windows common controls.
An attacker could exploit the vulnerability by constructing a specially
crafted document or webpage. When a user opens the document or views the
webpage, the vulnerability could allow remote code execution. An attacker who
successfully exploited this vulnerability could gain the same user rights as
the logged-on user.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUCr76e4yVqjM2NGpAQKpvg/+OMKB/vXMVkqULq34tT8HQXL7FzlTSKRv
hXtl6OikbL4Rmx4lNyhW8igbalZ3Zl+hOo+5d2AR/o+MGI6yLM4ane4tZQ9+axID
TiA2zN1J5G6c91w/mLybm6JNXAtHM8PpLy8PfoidTBLnE4vszJxpc/FTU9xp15V/
UzGL+kqqB441z43VlQc92Ul0rx5jUK1e7Zo6zxJyiZb2jux2qFWvk6jzt8fZgPY1
sT4B5zztG6TCu1+czw67oqiYRIIjixBivQjJOb3wS76x3RAXLE3imcWFGM7+EP+0
iPku3ny5XEyBEI7lqIjfIc/3szMNnoFeN4H9uWJaIBaH0Jt0WRlpYi7ZukgwsUnr
0CXrplpW2gxa/19Q9Fx2n5TzS5/avuK66nSWVj4YiZh0DnLeHfvTpxMofPb3PUvg
s2oxEBi+9P8nr9uxG4hK1BqXKAPfwqvGTZ05TXUKxMM5kcnxSFvu7ukdDT95U4JF
5gm/zARK0n+XXMwZdmE0rCwwK+KVwA8XInyq0i3cdvw/NPoXERMzDlvPq+cyCdp/
sfn68+hfyqgJcK2S+BQYYpt41jNdZr1LoY8CdC9Z3NXa6yROl+bE1VajFV+W33+5
xoof574PLL6b0oM/leDjRG1Xl6rQ1bm+zmvqPoA4fTt2o6dVnYn9fOZtIoF0IEDU
oelC9WTFIjc=
=9g7S
-----END PGP SIGNATURE-----
|