Three new security bulletins - 13 July 2005
Today, Microsoft issued three new security bulletins. Symantec Security response identified the following two
vulnerabilities to be the most serious.
Buffer Overflow in Microsoft Colour Management Module
Microsoft has announced a security patch for a vulnerability within the Microsoft Colour Management Module (CMM), a
component included within most Windows systems. CMM processes image files for a wide variety of formats including JPEG,
EXIF, TIFF, PNG, PDF, PICT, PostScript, JDF (Job Definition Format), SVG, and CSS3. This vulnerability may be exploited
remotely through malicious web sites or emails. It may be possible to exploit Outlook users by just previewing the
email. Other applications that use CMM could be vulnerable as well, including Internet Explorer and MSN Messenger.
Symantec Security Response has rated this threat as critical.
Microsoft Internet Explorer Javaprxy.DLL COM Object Heap Overflow
Microsoft has also introduced a security patch for a vulnerability in Javaprxy.dll, an interface to a debugger in the
Microsoft Java Virtual Machine. An attacker could exploit this vulnerability through malicious web pages and run code on
the local system resulting in complete control of the affected computer. Symantec Security Response has rated this
threat as critical.
"While these are high-risk vulnerabilities, there are many steps users can take to protect themselves," said Oliver
Friedrichs, senior manager, Symantec Security Response. "In addition to applying patches immediately, users should never
open files or click on links from unknown sources. Computer users should keep software running with the least privileges
possible and deploy network intrusion detection systems to monitor network traffic for signs of suspicious activity."
Symantec recommends the following actions for enterprises: · Evaluate the possible impact of these vulnerabilities to
their critical systems. · Plan for required responses including patch deployment and implementation of security
best practices using the appropriate security solutions. · Take proactive steps to protect the integrity of
networks and information. · Verify that appropriate data backup processes and safeguards are in place and effective.
· Remind users to exercise caution in opening all unknown or unexpected email attachments and in following web
links from unknown or unverified sources.
Symantec recommends the following actions for consumers: · Regularly run Windows Update and install the latest
security updates to keep software up to date. · Avoid opening unknown or unexpected email attachments or following
web links from unknown or unverified sources. · Consider using an internet security solution such as Norton
Internet Security 2005 AntiSpyware Edition to protect against today's known and tomorrow's unknown threats.
Additional information can be found at: http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx
Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide
updates and security content as necessary.
ENDS