It’s “Patch Tuesday” again – and you’re going to be spending a busy Valentine’s day installing all of them. I’m not the first person to cover this – Steve Riley did it way back when, and Susan Bradley reminded us of it, but it’s time to raise the point up again.
You can get to the Japanese Security Bulletins at http://www.microsoft.com/japan/security/bulletins/default.mspx – there’s a lot of Japanese script there, but it’s easy to see where a particular bulletin – say MS07-005 – is, because those numbers are in a Latin character set.
Compare it against the English version of MS07-005. First, let’s see how you get hit by an exploit against the vulnerability:
An attacker could try to exploit the vulnerability by creating a specially crafted message and sending the message to an affected system. The message could then cause the affected system to execute code.
There are several additional ways that an attacker could try to exploit this vulnerability. However, user interaction is required to exploit this vulnerability in each of these ways. Some examples follow:
•An attacker could exploit the vulnerability by constructing a malicious Step-by-Step Interactive Training bookmark file (a .cbo, cbl, or .cbm file) and then persuade the user to open the file.
•An attacker could send a malicious file as an attachment to a user through e-mail and then convince a user to open the attachment.
•An attacker could host a malicious Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site.
•In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker could also try to compromise a Web site to have it deliver a Web page that contains malicious content to try to exploit this vulnerability. An attacker would have no way to force users to visit a Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site or to a Web site that has been compromised by the attacker.
Did you understand that? I’m sure your management chain didn’t.
How about in Japanese?
Okay, that’s fairly obvious, the bad guy’s web site infects your machine, or the bad guy’s email infects it, either when you open the email, or open the attachments in the email. [The bad guy wears a black hat and dark glasses, of course.]
How about what can be done to your machine:
This is a remote code execution vulnerability. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Again, Japan makes it easy:
Oh, right, so the bad guy can drop a little copy of himself on my machine, he can look through his network “telescope” and see all my files, and he can reach through the network with his grabby thing, and dump my photos, files and emails in the trash.