Home News Security Avaya Enterprise (Fomerly Nortel Enterprise) Response to Microsoft Security Bulletin MS10-019
Avaya Enterprise (Fomerly Nortel Enterprise) Response to Microsoft Security Bulletin MS10-019 PDF Print E-mail
Thursday, 22 April 2010 01:26
On Tuesday, April 13th, Microsoft released security update MS10-019 - Vulnerabilities in Windows Could Allow Remote Code Execution (981210). This security update resolves two privately reported vulnerabilities in Windows Authenticode Verification that could allow remote code execution. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft ratings for MS10-019: Maximum Severity Rating - Critical Impact of Vulnerability - Remote Code Execution WinVerifyTrust Signature Validation Vulnerability - CVE-2010-0486 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0486 A remote code execution vulnerability exists in the Windows Authenticode Signature Verification function used for portable executable (PE) and cabinet file formats. An anonymous attacker could exploit the vulnerability by modifying an existing signed executable file to manipulate unverified portions of the signature and file in such a way as to add malicious code to the file without invalidating the signature. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Cabview Corruption Validation Vulnerability - CVE-2010-0487 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0487 A remote code execution vulnerability exists in the Windows Authenticode Signature verification for cabinet (.cab) file formats. An anonymous attacker could exploit the vulnerability by modifying an existing signed cabinet file to point the unverified portions of the signature to malicious code, and then convincing a user to open or view the specially crafted cabinet file. An attacker who successfully exploited this vulnerability could take complete control
Source : http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=1004898&poid=  
< Prev   Next >
 
click here