Ravens PHP Scripts

Microsoft Windows HTML Help ActiveX Control Vulnerability
Date: Tuesday, February 13, 2007 @ 19:18:43 CET
Topic: Security

VERIFY ADVISORY: http://secunia.com/advisories/24136/
CRITICAL: Highly critical

IMPACT: System access

WHERE: From remote

Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows XP Professional - http://secunia.com/product/22/

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by certain parameters not being properly initialised by the HTML Help ActiveX control (Hhctrl.ocx) when handling certain methods. Successful exploitation allows execution of arbitrary code when a user, for example, visits a malicious website.

NOTE: Other unspecified issues discovered internally by Microsoft have also been reported.

SOLUTION: Apply patches.
Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=211a9c07-88ff-4ae4-a82a-ce2045c6c4fe
Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=a3700273-d7da-4a60-ba80-c95c8036d670
Windows XP Professional x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=69ef4daa-cf0f-4898-8675-911428e7fd74
Windows Server 2003 (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=5a1f1607-b6ec-41e2-aac0-34387f1211a7
Windows Server 2003 for Itanium-based systems (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=d638c8e8-5fbe-4a32-945c-440a4b684b0f
Windows Server 2003 x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=65bf2245-6c89-43db-8d28-12988791c395

PROVIDED AND/OR DISCOVERED BY: The vendor credits HD Moore, BreakingPoint Systems.

ORIGINAL ADVISORY: MS07-008 (KB928843): http://www.microsoft.com/technet/security/Bulletin/MS07-008.mspx
