Technical Description

Multiple vulnerabilities have been identified in various Microsoft products, which could be exploited by attackers to take complete control of an affected system [...]

Solution

Apply patch for Microsoft Office 2000 Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=806c654a-35e3-4385-855a-4b803249bfcf

Apply patch for Microsoft Office XP Service Pack 3 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=f54d2a5e-c0ed-4f70-9746-38dd61c8e9d7

Apply patch for Microsoft Visual Studio .NET 2002 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=D71B23FA-A873-406D-BAD7-E38E565DEE39

Apply patch for Microsoft Visual Studio .NET 2003 Service Pack 1 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=2FE10CCD-40CB-4090-B83D-EAE3D4ECA174

Apply patch for Microsoft BizTalk Server 2000 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=E0993E49C0A811D2973D00C04F79E4B3

Apply patch for Microsoft BizTalk Server 2002 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=12B7D09A92AB4596996670799837D961

Apply patch for Microsoft Commerce Server 2000 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=71DE76BA-B62C-4A7A-A78A-9317F5255B13

Apply patch for Microsoft ISA (Internet Security and Acceleration) Server 2000 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=526D87BD-C3DA-412E-8765-C15987AE9B01

Credits

Vulnerabilities reported by Chris Ries (VigilantMinds Inc), Xiao Hui (NCNIPC), and Yuval Ben-Itzhak (Finjan).

ChangeLog

2008-03-11 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.