Here's a collection of recent security vulnerabilities and alerts, which covers an escalation of priviledge vulnerability found in the Macrovision driver on Windows, a new release of Apple's QuickTime which fixes seven critical vulnerabilities, and vulnerabilities discovered in Perl and its Regular Expressions library.
- Escalation of priviledge vulnerability in Macrovision driver on Windows
Microsoft has released a security vulnerability pertaining to reports of a vulnerability of Macrovision's secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. Registered users can leaverage the vulnerability to escalate their restricted privileges.
This vulnerability does not affect Windows Vista. We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
Users are encouraged to install the update by Macrovision.
- Apple fixes critical vulnerabilities in QuickTime (again)
Apple has released QuickTime 7.3, which fixes seven critical flaws in the vulnerability-plagued software.
For those with the stomach for more details, check it out at: (heise Security):
- About the security content of QuickTime 7.3, Apple security advisory
- Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability, iDefense security advisory
- Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability, ZDI security advisory
- Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability, ZDI security advisory
- Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability, ZDI security advisory
- Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability, ZDI security advisory
- Vulnerabilities in Perl and Regular Expressions library
Tavis Ormandy and Will Drewry have discovered a flaw in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, resulting in the possible execution of arbitrary code with the permissions of the user running Perl.
Additional reading as well as patches can be obtained here (Mandrake Security Advisory), here (Red Hat Security Advisory) and here (Debian Security Advisory).
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.