Monday, 19 February 2007

IBM Helps Safeguard Customers from Critical Microsoft Vulnerabilities

IBM has revealed its Internet Security Systems (ISS) X-Force research and development team is helping to protect customers from several critical vulnerabilities announced by Microsoft. The vulnerabilities include a flaw discovered by IBM X-Force in Microsoft’s core antivirus engine, which is a default component of various Microsoft offerings such as Windows Live OneCare and Windows Defender, including Windows Defender for Vista, IBM officials said.

This vulnerability allows an attacker to send a specially-crafted PDF file to users and trigger a heap overflow in the antivirus engine, resulting in remote code execution. Successful exploitation could grant an attacker system-level privileges. IBM ISS customers have been protected from this flaw since January.

“IBM ISS urges companies to swiftly remediate this vulnerability,” said Pete Allor, director of intelligence for IBM Internet Security Systems. “IBM ISS continues to work closely with Microsoft to provide Vista support for our customers.”

IBM ISS is also providing protection for three critical vulnerabilities in Internet Explorer covered by Microsoft bulletin MS07-016. The most important of these is an FTP client vulnerability that can be exploited by a malformed response from a malicious server. Since it is relatively simple for attackers to direct Web browsers to an FTP URL, X-Force advises companies to take this flaw seriously, IBM added.

For the other two vulnerabilities, users of Internet Explorer 7 should be safe by default due to the ActiveX opt-in feature. X-Force believes this may provide encouragement for network administrators to migrate to the new browser, as ActiveX controls have been used frequently in exploits this year, IBM continued.