----------------------------------------------------------------------


  Secunia CSI
+ Microsoft SCCM
-----------------------
= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/


----------------------------------------------------------------------

TITLE:
Microsoft Windows Authentication Verification Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39371

VERIFY ADVISORY:
http://secunia.com/advisories/39371/

DESCRIPTION:
Two vulnerabilities have been reported in Microsoft Windows, which
can be exploited by malicious people to compromise a vulnerable
system.

1) An error exists within the Windows Authenticode Signature
Verification function when processing certain fields of the file
digest of portable executable (PE) and cabinet file formats. This can
be exploited to inject arbitrary code into a signed executable without
making the signature of the file invalid.

2) An error exists in the Windows Authenticode Signature verification
for cabinet (.cab) file formats when processing certain fields of the
file digest. This can be exploited to inject arbitrary code into a
cabinet file without making the signature of the file invalid.

Successful exploitation requires that a user is tricked into opening
or viewing a specially crafted file.

SOLUTION:
Apply patches.

-- Microsoft Windows 2000 SP4 --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=D7538166-35EE-4C6B-BE8C-E83A1FC6CD77

Cabinet File Viewer Shell Extension 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=13846177-F25F-4DD4-9FE9-AC43E1D4D73D


-- Windows XP SP2 / SP3 --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=2A01DDF0-F3EA-47C8-ADA2-E69F6C1B5F96

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=6C3AC102-2107-4726-98BE-4FBF6B858BFB


-- Windows XP Professional x64 Edition SP2 --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=9BBFF00C-F8F4-4A44-98F2-18A868986AE1

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=E64E487E-2727-4396-B0C9-6EAF000214D2


-- Windows Server 2003 SP2 --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=0E7E3DEB-F078-4953-9642-675EC69267F2

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=7AE9B1D0-0DBE-4ABD-B315-10CEA4CECCD7


-- Windows Server 2003 x64 Edition SP2 --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=99A3F6DA-728F-421C-AB41-C4C4751934A4

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=1709FD4E-D7C6-4CBB-8B71-A96B8D6EEE58


-- Windows Server 2003 with SP2 for Itanium-based Systems --

Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=06832599-1E9B-4792-8C7B-7B5B3A3D6277

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=811A2B28-655D-4B5D-821E-5A90D556DBA3


-- Windows Vista (optionally with SP1 / SP2) --

Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=A52225A7-6005-4F2B-8291-DB20558F23F8

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=6145E2B2-36FD-4360-BD5B-2BD11890FC52


-- Windows Vista x64 Edition (optionally with SP1 / SP2) --

Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=9BA7468C-23A4-4994-9A5A-22E96EF586F3

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=5B7EFA82-0FEB-413A-9F8E-212E7432CD99


-- Windows Server 2008 for 32-bit Systems (optionally with SP2) --

Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=97FFEEC8-8B6D-4A30-97B0-4BFF2BA5E91D

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=F111735B-68B0-4BCC-9DD8-818A5ECA3400


-- Windows Server 2008 for x64-based Systems (optionally with SP2)
--

Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=49F9F740-023A-4291-BECF-838A1D282321

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=91C08251-0085-44CB-9E9C-9A1A84374CAF


-- Windows Server 2008 for Itanium-based Systems (optionally with
SP2) --

Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=BD60779A-8BB1-4107-A344-9B09A50E96FF

Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=EB116688-1D6E-4E20-948E-1D347AF5D985


-- Windows 7 for 32-bit Systems --

Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=8D4A6C65-E171-4570-8F3F-118F06910BAF

Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=F0DBAC52-0F0E-40BC-9371-17FA594424D5


-- Windows 7 for x64-based Systems --

Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=CF8C6721-05C2-4680-93B4-BE36F09C6D15

Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=B23EFE7D-BCA4-4D49-9104-6AE39DC5DAA9


-- Windows Server 2008 R2 for x64-based Systems --

Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=94DFDAAE-8464-4DE6-A401-7EB70B3BB34F

Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=A2979C02-2A80-4B84-BF6C-4798064BDF28


-- Windows Server 2008 R2 for Itanium-based Systems --

Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=40F622D2-48E7-4EB2-9430-BBD218CB5208

Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=5E416D4B-5DE7-4688-80C6-245DE159E0CE

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
MS10-019 (KB981210, KB978601, KB979309)
http://www.microsoft.com/technet/security/Bulletin/MS10-019.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------