Vulnerability Advisory: McAfee, Inc. Solutions Protect Against Eighteen Newly Disclosed Microsoft Windows Vulnerabilities


McAfee Intrusion Prevention and Security Risk Management Solutions Provide Protection to Identify and Block Potential New Attacks

SANTA CLARA, Calif., July 11 - McAfee, Inc. (NYSE:MFE), the global leader in Intrusion Prevention and Security Risk Management, today announced that it provides coverage for the 18 security vulnerabilities disclosed by Microsoft Corporation today. These vulnerabilities have been reviewed by McAfee® Avert® Labs, and based on their findings, McAfee recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee. This includes deploying solutions to ensure protection against the vulnerabilities outlined in this advisory.

"Microsoft continues to provide numerous patches for critical vulnerabilities as seen today in the widely deployed Microsoft Office and Excel applications which accounted for 70% of the patched vulnerabilities," said Monty Ijzerman, senior manager of the Global Threat Group for McAfee Avert Labs. "McAfee sees this as part of the trend to attack and target applications as well as base operating systems. To date this year, 31 patches have been issued for applications in contrast to 41 for operating systems. For 2005 these numbers are 13 and 73 respectively."

Microsoft Vulnerability Overview:

o MS06-033 - .NET 2.0 Application Folder Information Disclosure Vulnerability
o MS06-034 - Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Lead to Remote Code Execution
o MS06-035 - Vulnerability in Server Service Could Allow Remote Code Execution
o MS06-036 - Vulnerability in DHCP Client Service Could Allow Remote Code Execution
o MS06-037 - Vulnerability in Microsoft Excel Could Allow Remote Code Execution (917285)
o MS06-038 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (917284)
o MS06-039 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (915384)

Scope of Potential Compromise

Today's bulletins cover a total of eighteen vulnerabilities - fourteen of which are rated critical due to their potential for remote code execution. Among the critical vulnerabilities, 13 pertain to Microsoft Excel and Microsoft Office. The remaining critical vulnerability, MS06-035 Mailslot Heap Overflow, is a worm candidate since it is remotely exploitable without the need for user interaction on Windows 2000 SP4 and Windows XP SP1. Additionally, McAfee Avert Labs worked with Microsoft to responsibly disclose and patch the CVE-2006-1315 SMB Information Disclosure Vulnerability.

For additional information on today's vulnerabilities as well as information on current threats, visit McAfee's Threat Center at www.mcafee.com/us/threat_center/default.asp, where you will find blogs (www.avertlabs.com/research/blog/) from McAfee Avert Labs researchers. More information on the vulnerabilities can also be found at www.microsoft.com/technet/security/current.aspx.

McAfee Solutions

With McAfee's Security Risk Management approach, customers can effectively address business priorities and security realities. McAfee's award-winning solutions identify and block known and unknown attacks before they can cause damage.

By default, McAfee Host IPS v6.0 and McAfee Entercept® protect users against code execution that may result from exploitation of the buffer overflow/overrun vulnerabilities in Microsoft Excel, Microsoft Office, Microsoft Internet Information Services and DHCP Client Service. This "out of the box" protection is provided without the need for security content updates for either product.

McAfee VirusScan® Enterprise 8.0i and McAfee Managed VirusScan with AntiSpyware protect against attacks targeting the buffer overflow vulnerabilities in Microsoft Excel, Microsoft Office, Microsoft Internet Information Services, and DHCP Client Service.

McAfee IntruShield® provides coverage for the Microsoft Excel, Microsoft Office, Microsoft Server Service, DHCP Client Service and .NET 2.0 vulnerabilities through signature sets 1.8.78, 1.9.6, 2.1.44, 3.1.17. McAfee IntruShield sensors deployed in in-line mode can be configured with a response action to drop such packets and so prevent these attacks.

The McAfee System Compliance Profiler, a component of McAfee ePolicy Orchestrator, is being updated for today's newly disclosed vulnerabilities to quickly assess compliance levels of the security patches announced today.

The McAfee Foundstone® and McAfee Policy Enforcer checks are being created to detect the vulnerabilities announced today, and will be available in the packages released today and tomorrow, respectively.

Avert DAT files have already been released to detect known exploits and new detection will be added as new exploits are discovered. McAfee users can refer to www.mcafee.com/us/threat_center/default.asp for information regarding any new threats attempting to exploit these vulnerabilities.

McAfee Avert Labs maintains one of the top-ranked security threat and research organizations in the world, employing researchers in 13 countries on five continents. The Labs combine world-class malicious code and anti-virus research with intrusion prevention and vulnerability research expertise from the McAfee IntruShield, McAfee Entercept and McAfee Foundstone teams. McAfee protects customers by providing deep analysis and core technologies that are developed through the combined efforts of its researchers.

About McAfee, Inc.

McAfee Inc., headquartered in Santa Clara, California and the global leader in Intrusion Prevention and Security Risk Management, delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector, and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security. www.mcafee.com/ .

Source: McAfee, Inc.

CONTACT: Erica Coleman of McAfee, Inc., +1-408-346-5624, or erica_coleman@mcafee.com; or Andrew Miller of Red Consultancy, +1-415-618-8811, or andrew.miller@redconsultancy.com, for McAfee, Inc.

Web site: www.mcafee.com/
