—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgende Warnung des Microsoft Product Security
Notification Service. Wir geben diese Informationen unveraendert an Sie
weiter.

CVE-2011-1980 – Schwachstelle in Microsoft Office

Beim Laden von DLL-Bibliotheken in Microsoft Office ist es moeglich,
dass Bibliotheken aus dem aktuellen Pfad nachgeladen werden. Ein
entfernter Angreifer kann dies ausnutzen um beliebigen Code
auszufuehren, falls es ihm gelingt, eine praeparierte DLL-Datei zusammen
mit einer Office-Datei auf einem Netzwerk-Dateisystem zu platzieren, und
einen Nutzer dazu bringt, die Office-Datei zu oeffnen. falls der Nutzer
ueber administrative Rechte verfuegt, kann der Angreifer die
vollstaendige Kontrolle ueber das System erlangen.

CVE-2011-1982 – Schwachstelle in Microsoft Office

In Microsoft Office wird unter nicht naeher beschriebenen Umstaenden ein
nicht initialisierter Objektzeiger erzeugt. Dies ermoeglicht einem
entfernten Angreifer, beliebigen Code mit den Rechten der Anwendung
auszufuehren, sofern er den Anwender dazu bringt, ein speziell
praepariertes Word-Dokument zu oeffnen. Falls der Nutzer ueber
administrative Rechte verfuegt, ist eine vollstaendige Kompromittierung
des Systems moeglich.

Betroffen sind die folgenden Software Pakete und Plattformen:

Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1

Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
Theodor Nolte

– —
Theodor Nolte, B.Sc. (Incident Response Team)

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

Automatische Warnmeldungen: https://www.cert.dfn.de/autowarn

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2011.0936
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
14 September 2011

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010
Publisher: Microsoft
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands — Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2011-1982 CVE-2011-1980

Original Bulletin:
http://technet.microsoft.com/en-us/security/bulletin/ms11-073

– – ————————–BEGIN INCLUDED TEXT——————–

Microsoft Security Bulletin MS11-073 – Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634)
Published: Tuesday, September 13, 2011
Version: 1.0

General Information

Executive Summary

This security update resolves two privately reported vulnerabilities in
Microsoft Office. The vulnerabilities could allow remote code execution
if a user opens a specially crafted Office file or if a user opens a
legitimate Office file that is located in the same network directory as
a specially crafted library file. An attacker who successfully
exploited either of the vulnerabilities could gain the same user rights
as the logged on user. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who
operate with administrative user rights.

This security update is rated Important for all supported editions of
Microsoft Office 2003, Microsoft Office 2007, and Microsoft Office
2010. For more information, see the subsection, Affected and
Non-Affected Software, in this section.

Affected Software

Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 Service Pack 1 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Microsoft Office 2010 Service Pack 1 (64-bit editions)

Vulnerability Information

Office Component Insecure Library Loading Vulnerability – CVE-2011-1980

A remote code execution vulnerability exists in the way that Microsoft
Office handles the loading of DLL files. An attacker who successfully
exploited this vulnerability could take complete control of an affected
system. An attacker could then install programs; view, change, or
delete data; or create new accounts with full user rights. Users whose
accounts are configured to have fewer user rights on the system could
be less impacted than users who operate with administrative user
rights.

Office Uninitialized Object Pointer Vulnerability – CVE-2011-1982

A remote code execution vulnerability exists in the way that Microsoft
Office handles specially crafted Word files. An attacker who
successfully exploited this vulnerability could take complete control
of an affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.

– – ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
– —–BEGIN PGP SIGNATURE—–
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBTm/uiO4yVqjM2NGpAQLNog//c0LI6Gv6Xtr4aj9CUZ88VRv8TLvQALWA
q4TyOxAIGDQOKAyA+vFR0uXKJonJ0zFkShB8gQjqoMVT/31q6QSWoF98y1MI4i3d
bFwYsS7bCeo4DPLQEcVZZhCizuH4ZgQHtNfFr5+16rFNpeJITMXViVJl3k7WoZyk
mLII15M4d2hh8yGVJGQVUkIldz1/s3ZdVBYCiwdfUSFlEbpG4vrNMZgO7MXXPVup
VrLHXQlpIV/5EMVAJ+JFDAcskj1cc4qruYHjI2XGcQOWZLuX+nl36IbiCIhnJRJo
AFiSwphddqB+gRQ8tWeDVOOaDs1DIuf5DKaNJ4VgSkWcOCiRoLbU3In60rgA2gDI
Hbfa5zkp+R+PFdqLjnh6kdIZG3+P1qcE9Yr0QLjtOwe1ZKqSezkxh8NHoXfzfe7g
hslrcmwegC+FWKMXs6ik0M9nTCjdKYIzJ7bnLQccT/9kt+cWO7udIF7JJ/bt+d4B
x4VsgYfBavh66zrql4PMojqXSSBrEmv7E4xMsvHvFp9ysW/CjM842IcsXEH4ZFed
dS1s/71MlzjRMNWhGDUnBi5GJiReAZtEOD3ypniEkCKBTP2B+rzpLMHwnlkBG5YE
X5B8o5JHusJ9j78Sv1RjSaEepm/KOGwAKYpEoZYn/fnZjdMzsmJ9Y0mvccGYG30i
73VBWSgXIJ8=
=v1pd
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.16 (GNU/Linux)

iQEcBAEBAgAGBQJOcJE3AAoJEJtyb8U7iGZBhPAH/2fZGlbdt1/PmCDO1+94J+V+
OZlslJyVGxyIETX1TtGkVWlSxIMMDKuIyQL/ghP7q/sd3ChplAeYesy07Fcq1xXY
DfIkR5YydiwL5bnOTatnXVjmKFpZvjXxUtrfqQ0FByJ5eKgceQkQWTffYQhs1gJ+
PsRx4JyZp+JfKmBsY62wV/aDmIEAP3pn+K+8G/AxpO5i8iDKrC9UstxSh69BvqaR
/qK9yDfb2pcCIfYz/fXOgzzPFQy1+zCd2e1wDJHfdad8oN4u5WsyHBAz2W1tTF4m
JPjELRqNoH/M/bRg9yaB046jBj9ttWDwgdFnPiytnRrzRtlRQ1mxtaq5YkKykJk=
=wDVf
—–END PGP SIGNATURE—–