MS07-017: "Vulnerabilities in GDI Could Allow Remote Code Execution"

Microsoft today released a patch for the critical-rated vulnerability in animated cursors that has been widely reported by me in this blog and elsewhere. Microsoft Security Bulletin MS07-017 is a patch for a remote execution vulnerability that is already being exploited. But, in addition to that .ani file vulnerability, this security bulletin addresses a total ...

Microsoft today released a patch for the critical-rated vulnerability in animated cursors that has been widely reported by me in this blog and elsewhere.

Microsoft Security Bulletin MS07-017 is a patch for a remote execution vulnerability that is already being exploited.

But, in addition to that .ani file vulnerability, this security bulletin addresses a total of seven vulnerabilities affecting different platforms and having different ratings for each platform (see the bulletin for details).

GDI Local Elevation of Privilege Vulnerability (CVE-2006-5758)
WMF Denial of Service Vulnerability (CVE-2007-1211)
EMF Elevation of Privilege Vulnerability (CVE-2007-1212)
GDI Invalid Window Size Elevation of Privilege Vulnerability (CVE-2006-5586)
Windows Animated Cursor Remote Code Execution Vulnerability (CVE-2007-0038)
GDI Incorrect Parameter Local Elevation of Privilege Vulnerability (CVE-2007-1215)
Font Rasterizer Vulnerability (CVE-2007-1213)

Of these, the animated cursor remote code execution threat is rated critical across all platforms, INCLUDING the current release of Vista.

Some of these vulnerabilities had been disclosed publicly before the release of this series of patches, but only the animated cursor threat had been exploited.

Affected platforms are Windows 2000 SP4, XP SP2, Windows Server 2003, WS2003 SP1, WS2003 SP2, and Windows Vista. The vulnerabilities also apply to x64 and Itanium editions.

MS07-017 replaces MS06-001 and MS05-053 for W2K, XP, and Windows Server operating systems, but it replaces MS05-002 ONLY for Windows Server 2003 (not WS2003 SP1 or SP2). The replaced bulletins predate Vista.

Microsoft only describes workarounds for the WMF DoS and animated cursor vulnerabilities; in both instances, the recommendation is to open e-mail in plain text.

Significant mitigating factors are only described for the animated cursor threat:

“Customers who are using Windows Internet Explorer 7 on Windows Vista are protected from currently known Web-based attacks due to Internet Explorer Protected Mode.”

Also, for Microsoft Office Outlook 2007, using default settings would protect against this attack.

My comments:

Since there are significant mitigating factors for Vista users, while this is still rated a critical security bulletin for the new platform, the actual threat doesn’t appear to be very big.

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE These guidelines from TechRepublic Premium will help you define the necessary ingredients of a security policy and assist in its proper construction. They’re designed to work hand in hand with the subjective knowledge you have of your company, environment and employees. Using this information, your business can establish new policies or elaborate on those ...

PURPOSE Recruiting an Artificial Intelligence Architect with the right combination of technical expertise and experience will require a comprehensive screening process. This Hiring Kit from TechRepublic Premium provides an adjustable framework your business can use to find, recruit and ultimately hire the right person for the job. From the hiring kit: DETERMINING FACTORS, DESIRABLE PERSONALITY ...

MS07-017: “Vulnerabilities in GDI Could Allow Remote Code Execution”