
TO: All members of the Yeshiva University Community
DATE: February 20, 2006
SUBJECT: Windows Security Bulletin 022006

Importance of Timely Installation of Windows Update Patches

The following news item from Viruslist.com, an anti-virus information site, illustrates the importance of applying Windows Update patches as soon as they are made available. Microsoft issued a number of patches for vulnerabilities in Windows systems on Tuesday, February 14th, including two marked “Critical”; one of those is already very close to being exploited by attackers, if not already under attack. We strongly recommend that all users configure Windows Update to automatically download and install all critical updates.

Viruslist.com - News - 17 Feb 2006

Media Player exploit 'minutes or days away'

As was widely predicted earlier in the week, exploits have already appeared for one of the vulnerabilities rated critical and patched by Microsoft on Tuesday 14th. Two "proof of concept" pieces of code were posted on the Internet and, according to experts, are "minutes or days away from being completed".

In recent weeks it has been highlighted that the speed with which attackers come up with new exploits seems to be increasing in a race with software creators like Microsoft, who have also speeded up when releasing patches for new vulnerabilities. Attackers are so keen to use every opportunity that they even release exploits for flaws that are already patched, hoping to catch out users who have not heeded the advice to immediately install critical updates.

This means that even though there is generally a lesser time gap between the publication of a vulnerability and a patch for it appearing, it is offset by the equally smaller time gap between publication and the appearance of exploits for the flaw.

The vulnerability itself stems from a problem in the way many releases of the Microsoft Media Player handle bitmap (*.bmp) image files. This potentially allows an attacker to gain full control over the victim machine. The way in which this vulnerability can be exploited is very similar to the recent WMF issue. Attackers can exploit a particular configuration of Windows and Internet Explorer, and it appears that they are very close to unleashing malware to attack this vulnerability on unpatched users.

Any users who have not yet patched their systems for the Media Player bitmap vulnerability should do so immediately. Go to Windows Update and click on Review your Update History under Options. If “Security Update for Windows Media Player 10 for Windows XP (KB911565)” is not shown as successfully installed, return to the main Windows Update page, search for available updates and install it.

© Yeshiva University | Information Security | 500 West 185th Street | New York, NY 10033 | webmaster@yu.edu