October Patch Tuesday from Microsoft brings 1024-bit RSA Keys
Microsoft has released the October Patch Tuesday update, resolving 20 security issues and enforcing a new level of security with an RSA key strength update.
Just one of the October Patch Tuesday bulletins has a Critical rating this month. MS12-064 describes a pair of vulnerabilities in Microsoft Word 2003, 2007 and 2010 that could potentially turn to remote code execution. Microsoft details one of the vulnerabilities as a remote code execution vulnerability that involves how Microsoft Word handles specially crafted Word files. The second vulnerability is a use-after-free issue that can be exploited if a user opens or previews a specially crafted RTF file.
“The RTF bug in Microsoft Word warrants special attention since users can be exploited simply by previewing a malicious RTF file in Outlook,” said Andrew Storms, director of security operations for nCircle. “Security teams should prioritize, distribute and install this fix as soon as possible.”
Microsoft Works is also being tagged this month for a remote code execution issue that could be triggered by Microsoft Word.
“The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Word file using Microsoft Works,” Microsoft warned. “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.”
A vulnerability Microsoft ranks as Important involves HTML sanitization and could potentially lead to elevation of privilege exploits on Microsoft Office, Microsoft Communications Platforms, Microsoft Server software, and Microsoft Office Web Apps.
“The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user,” Microsoft warned in its advisory.
An Elevation of Privilege risk is also being fixed in SQL Server. The risk comes from a cross-site-scripting (XSS) vulnerability that could enable arbitrary commands to be executed with SQL Reporting Services (SSRS). Microsoft warns that an attacker could exploit this vulnerability by sending a specially crafted link to the user and convincing the user to click the link, or by hosting a webpage designed to exploit the vulnerability.
“In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability,” Microsoft stated in its advisory.
The Windows Kernel itself is also at risk from an elevation of privilege attack, thanks to an integer overflow vulnerability.
“An elevation of privilege vulnerability exists when the Windows kernel improperly handles objects in memory,”Microsoft warns. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.”
1024 Bit Keys
Microsoft is currently pushing out an update to enforce the use of 1024-bit RSA keys as part of the Patch Tuesday update. The motivation behind increasing the key length is to minimize the risk from lower integrity keys that have been used in the past.
“The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks,” Microsoft stated in its advisory.