IPA/ISEC:Vulnerabilities:Security Alert for Vulnerability in Microsoft Windows

September 9, 2009

The Information-technology Promotion Agency (IPA, Chairman Koji Nishigaki) announced a security alert on September 9, 2009 concerning a security vulnerability in Microsoft Windows.
This vulnerability allows an attacker to execute arbitrary code due to an error in handling specially crafted files.
If exploited, the computer may come under the control of an attacker with malicious intent. Unintended operations may occur, such as the execution of unintended programs, the deletion of files, and the installation of malicious tools like viruses and bots.
To fix this vulnerability, update to the fixed version supplied by the vendor.

1.Overview

Microsoft Corporation’s “Windows Media Format Runtime” in Microsoft Windows is software required to handle audio and movie files.

A buffer overflow vulnerability exists in “Windows Media Format Runtime” due to an error in handling certain files.

If this weakness is exploited, there is a possibility that arbitrary code may be executed on Microsoft Windows computers.

Given the high potential impact of the vulnerability and the wide use of Microsoft Windows in Japan, IPA has announced this security alert to raise awareness among users who may be affected.

For detailed information, refer to the following URL:
http://www.microsoft.com/technet/security/bulletin/MS09-047.mspx

For the latest information, refer to the following URL:
http://jvndb.jvn.jp/jvndb/JVNDB-2009-000059

The IPA first received a report of this vulnerability from the person credited below on December 15, 2008. The JPCERT Coordination Center (JPCERT/CC), in line with the Information Security Early Warning Partnership, coordinated with the vendor to clarify the matter and made the announcement public on September 9, 2009.
Credit: Hiroshi Noguchi, Alice Carroll Fan Club.

2.Impact

If a user processes a specially crafted file on a Microsoft Windows computer, the computer may be damaged or infected by viruses and bots and come under the control of an attacker.

3.Solution

To fix this vulnerability, update to the fixed version supplied by the vendor.

4.CVSS Severity

(1)Evaluation Result

Severity Rating (CVSS base score): □ Low (0.0~3.9) ■ Medium (4.0~6.9) □ High (7.0~10.0)
CVSS base score: 6.8

(2) Base Score Metrics

AV:Access Vector □ Local □ Adjacent Network ■ Network
AC:Access Complexity □ High ■ Medium □ Low
Au:Authentication □ Multiple □ Single ■ None
C:Confidentiality Impact □ None ■ Partial □ Complete
I:Integrity Impact □ None ■ Partial □ Complete
A:Availability Impact □ None ■ Partial □ Complete

■:Selected Values

5.CWE Type

This vulnerability has been classified under CWE as “Failure to Constrain Operations within the Bounds of a Memory Buffer (Buffer Errors) (CWE-119)”.

Contact

IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)
E-mail: