[Notice] New cumulative patch for WMedia Player

hexxxlein

Moderator
Team member

A new cumulative patch from Microsoft fixes three security vulnerabilities in Windows Media Player versions 6.4 and 7.1 and in Windows Media Player for Windows XP. The patch is also said to include all previously released patches.


Article and download
 
Again? That reminds me that I received an MS bulletin today:

Code:
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------
Title:      26 June 2002 Cumulative Patch for Windows Media Player
            (Q320920)
Date:       26 June 2002
Software:   Windows Media Player
Impact:     Three new vulnerabilities, the most serious of which 
            could run code of attacker's choice
Max Risk:   Critical
Bulletin:   MS02-032

Microsoft encourages customers to review the Security Bulletin at: 
http://www.microsoft.com/technet/security/bulletin/MS02-032.asp.
- ----------------------------------------------------------------------
Issue:
======
This is a cumulative patch that includes the functionality of
all previously released patches for Windows Media Player 6.4, 7.1
and Windows Media Player for Windows XP. In addition, it eliminates
the following three newly discovered vulnerabilities one of which
is rated as critical severity, one of which is rated moderate
severity, and the last of which is rated low severity:

- An information disclosure vulnerability that could provide
the means to enable an attacker to run code on the user's
system and is rated as critical severity.

- A privilege elevation vulnerability that could enable an attacker
who can physically logon locally to a Windows 2000 machine and run
a program to obtain the same rights as the operating system.

- A script execution vulnerability related that could run a script
of an attacker's choice as if the user had chosen to run it after
playing a specially formed media file and then viewing a specially
constructed web page. This particular vulnerability has specific
timing requirements that makes attempts to exploit vulnerability
difficult and is rated as low severity.

It also introduces a configuration change relating to file extensions
associated with Windows Media Player. Finally, it introduces a new,
optional, security configuration feature for users or organizations
that want to take extra precautions beyond applying IE patch MS02-023
and want to disable scripting functionality in the
Windows Media Player for versions 7.x or higher.

Mitigating Factors:
====================
Cache Patch Disclosure via Windows Media Player

- Customers who have applied MS02-023 are protected against
attempts to automatically exploit this issue through HTML email
when they read email in the Restricted Sites zone. Outlook 98 and
Outlook 2000 with the Outlook Email Security Update, Outlook 2002
and Outlook Express 6.0 all read email in the Restricted Sites
zone by default.

- The vulnerability does not affect media files opened from the
local machine. As a result of this, users who download and save
files locally are not affected by attempts to exploit this
vulnerability.

Privilege Elevation through Windows Media Device Manager Service:

- This issue affects only Windows Media Player 7.1 it does not
affect Windows Media Player for Windows XP nor Windows
Media Player 6.4.

- The vulnerability only affects Windows Media Player 7.1 when run
on Windows 2000, it does not impact systems that have no user
security model such as Windows 98 or Windows ME systems.

- This issue only affects console sessions; users who logon via
terminal sessions cannot exploit this vulnerability.

- An attacker must be able to load and run a program on the system.
Anything that prevents an attacker from loading or running a
program could protect against attempts to exploit this
vulnerability.

Media Playback Script Invocation:

- A successful attack requires a specific series of actions
follows in exact order, otherwise the attack will fail.
Specifically:
- A user must play a specially formed media file from an
attacker.
- After playing the file, the user must shut down
Windows Media Player without playing another file.
- The user must then view a web page constructed by the
attacker.

Risk Rating of new vulnerabilities:
============
- Internet systems: Low
- Intranet systems: Low
- Client systems: Critical

Aggregate Risk Rating (including issues addressed in
previously released patches):
- Internet systems: Critical
- Intranet systems: Critical
- Client systems: Critical

============
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-032.asp
for information on obtaining this patch.

Acknowledgment:
===============
- jelmer for reporting the Cache Patch Disclosure via Windows
Media Player.

- The Research Team of Security Internals
(www.securityinternals.com) for reporting Privilege
Elevation through Windows Media Device Manager Service:

- Elias Levy, Chief Technical Officer, SecurityFocus
(http://www.securityfocus.com/), for reporting the
Media Playback Script Invocation.

- ---------------------------------------------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED
"AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL
WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN
IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
SO THE FOREGOING LIMITATION MAY NOT APPLY.



 
Download locations for this patch
Microsoft Windows Media Player 6.4:
http://download.microsoft.com/download/winmediaplayer/Update/320920/W98NT42KMe/EN-US/wm320920_64.exe ENGLISH!!!
Microsoft Windows Media Player 7.1:
http://download.microsoft.com/download/winmediaplayer/Update/320920/W982KMe/EN-US/wm320920_71.exe
Microsoft Windows Media Player for Windows XP:
http://download.microsoft.com/download/winmediaplayer/Update/320920/WXP/EN-US/wm320920_8.exe

I'm not sure, though, whether it is English or German. The setup is in English, but it only contains OCX (6.4) and EXE/OCX (v8) files. WMP could be multilingual.

The latest German-language updates:
http://www.microsoft.com/downloads/release.asp?releaseid=40064
http://www.microsoft.com/downloads/release.asp?releaseid=39949
http://www.microsoft.com/downloads/release.asp?releaseid=39942

All Q320920.

edit:
The size of the last links matches the size of the cumulative patch.

edit2:
mplayer2 (6.4) becomes English - WMP (v8) stays German. So wait until this is available in German as well.

edit3:
http://download.microsoft.com/download/winmediaplayer/Update/320920/W98NT42KMe/DE/wm320920_64.exe
It is dated 18 June, but the files are the same. GERMAN!
mplayer then shows 6.4.09.1124 (as does the English one, by the way).

Corresponding to EN-US, there is also DE for v8:
http://download.microsoft.com/download/winmediaplayer/Update/320920/WXP/DE/wm320920_8.exe
 
Well, I almost expected that. That's why I haven't installed the patch yet. It was only meant as information, not as a download page.

I also searched Microsoft's German updates but found no patch with a more recent date or with this name.
 
If you search at MS, then here:
http://www.microsoft.com/downloads/search.asp?LangID=10&LangDIR=DE

Pick the application at the top (Windows Media Player) and XP or 98 at the bottom.

I deliberately left out WMP7.1 because it is simply rubbish. It is the v8 for all non-XP OSes (pseudo v8). Under XP I still use 6.4 as well - it isn't as bloated and sluggish. It also uses the WMP8 codecs :D

PS: you can download the last two update links without worry.
 
That is exactly where I looked, Brummelchen, but the most recent download was from Nov. 01. I suspect the page has only just been updated. I just checked again and the updates you mentioned are now in the list too. Oh well. :)
 
Maybe sort by date rather than by name ;)
Normally this list is fairly up to date - i.e. the 18th shows up on the 19th at the latest. The bulletin also comes out 1 day later.
 
I didn't say that, let alone imply anything, did I? I can't look at your computer from here and follow what you type. What I meant was that MS sets the default list order to "Title" and not "Date", in case that was why it offered you something old first. But I'm glad you found it after all :)

:bier
 
MS is sometimes really daft:

Update for the patch for Windows Media Player
On 26 June, Microsoft released a "Cumulative Patch" for Windows Media Player that was supposed to close several security holes in the multimedia player. Only after the patch was released did the Redmond company discover that they had forgotten a file in the patch. Microsoft is therefore now following up with an update for the Cumulative Patch.

http://www.pcwelt.de/news/software/25085
 
Addendum:
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------
Title: 26 June 2002 Cumulative Patch for Windows Media Player
(Q320920)
Released: 26 June 2002
Revised: 24 July 2002 (version 2.0)
Software: Microsoft Windows Media Player 6.4, Microsoft Windows
Media Player 7.1, Microsoft Windows Media Player for
Windows XP
Impact: Three vulnerabilities, first reported on June 26 2002,
the most serious of which could be used to run code of
attacker's choice.
Max Risk: Critical
Bulletin: MS02-032

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS01-032.asp.
- ----------------------------------------------------------------------

Reason for Revision:
====================
On June 26, 2002, Microsoft released the original version of this
bulletin, which described the patch it provided as being cumulative.
We subsequently discovered that a file had been inadvertently omitted
from the patch. While the omission had no effect on the effectiveness
of the patch against the new vulnerabilities discussed below, it did
mean that the patch was not cumulative. Specifically, the original
patch did not include all of the fixes discussed in Microsoft
Security Bulletin MS01-056. We have repackaged the patch to include
the file and are re-releasing it to ensure that it truly is
cumulative.

If you applied the patch delivered in Microsoft Security Bulletin
MS01-056 and the one that was distributed with the original version
of this bulletin, you're fully protected against all known
vulnerabilities in Windows Media Player and don't need to take any
action. Otherwise, we recommend that you apply the new version of
the patch provided in MS02-032.

Issue:
======
The patch includes the functionality of all previously released
patches for Windows Media Player 6.4, 7.1 and Windows Media Player
for Windows XP. In addition, it eliminates the following three
newly discovered vulnerabilities one of which is rated as critical
severity, one of which is rated moderate severity, and the last of
which is rated low severity:

- An information disclosure vulnerability that could provide the
means to enable an attacker to run code on the user's system
and is rated as critical severity.

- A privilege elevation vulnerability that could enable an attacker
who can physically logon locally to a Windows 2000 machine and
run a program to obtain the same rights as the operating system.

- A script execution vulnerability related that could run a script
of an attacker's choice as if the user had chosen to run it after
playing a specially formed media file and then viewing a specially
constructed web page. This particular vulnerability has specific
timing requirements that makes attempts to exploit vulnerability
difficult and is rated as low severity.

It also introduces a configuration change relating to file extensions
associated with Windows Media Player. Finally, it introduces a new,
optional, security configuration feature for users or organizations
that want to take extra precautions beyond applying IE patch MS02-023
and want to disable scripting functionality in the Windows Media
Player for versions 7.x or higher.

Mitigating Factors:
====================
Cache Patch Disclosure via Windows Media Player

- Customers who have applied MS02-023 are protected against
attempts to automatically exploit this issue through HTML email
when they read email in the Restricted Sites zone. Outlook 98 and
Outlook 2000 with the Outlook Email Security Update, Outlook 2002
and Outlook Express 6.0 all read email in the Restricted Sites
zone by default.

- The vulnerability does not affect media files opened from the
local machine. As a result of this, users who download and save
files locally are not affected by attempts to exploit this
vulnerability.

Privilege Elevation through Windows Media Device Manager Service:

- This issue affects only Windows Media Player 7.1 it does not
affect Windows Media Player for Windows XP nor Windows
Media Player 6.4.

- The vulnerability only affects Windows Media Player 7.1 when run
on Windows 2000, it does not impact systems that have no user
security model such as Windows 98 or Windows ME systems.

- This issue only affects console sessions; users who logon via
terminal sessions cannot exploit this vulnerability.

- An attacker must be able to load and run a program on the system.
Anything that prevents an attacker from loading or running a
program could protect against attempts to exploit this
vulnerability.

Media Playback Script Invocation:

- A successful attack requires a specific series of actions
follows in exact order, otherwise the attack will fail.
Specifically:
- A user must play a specially formed media file from an
attacker.
- After playing the file, the user must shut down
Windows Media Player without playing another file.
- The user must then view a web page constructed by the
attacker.

Risk Rating of new vulnerabilities:
============
- Internet systems: Low
- Intranet systems: Low
- Client systems: Critical

Aggregate Risk Rating (including issues addressed in
previously released patches):
- Internet systems: Critical
- Intranet systems: Critical
- Client systems: Critical

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-032.asp
for information on obtaining this patch.

Acknowledgment:
===============
- jelmer for reporting the Cache Patch Disclosure via Windows
Media Player.

- The Research Team of Security Internals
(www.securityinternals.com) for reporting Privilege
Elevation through Windows Media Device Manager Service:

- Elias Levy, Chief Technical Officer, SecurityFocus
(http://www.securityfocus.com/), for reporting the
Media Playback Script Invocation.

- ---------------------------------------------------------------------

 
The links have changed:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Update:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Microsoft Windows Media Player 6.4:
http://download.microsoft.com/download/winmediaplayer/Update/320920/W98NT42KMe/EN-US/wm320920_64.exe (English)
http://download.microsoft.com/download/winmediaplayer/Update/320920/W98NT42KMe/DE/wm320920_64.exe (German)

Microsoft Windows Media Player 7.1:
http://download.microsoft.com/download/winmediaplayer/Update/320920/W982KMe/EN-US/wm320920_71.exe (English)
http://download.microsoft.com/download/winmediaplayer/Update/320920/W982KMe/DE/wm320920_71.exe (German)

Microsoft Windows Media Player for Windows XP:
http://download.microsoft.com/download/winmediaplayer/Update/320920/WXP/EN-US/wm320920_8.exe (English)
http://download.microsoft.com/download/winmediaplayer/Update/320920/WXP/DE/wm320920_8.exe (German)

New in MP64:
dxmasf.dll - Windows Media source filter
dxmasf550.dll - Windows Media source filter

New in WMP8:
dxmasf.dll (see above)
 