Microsoft has released security updates that plug a kernel hole rated Critical and affecting all supported versions of Windows client and server platforms, including Windows Vista Service Pack 1 and Windows XP SP3. A total of three security bulletins were made available on March 10, 2009, patching no fewer than eight vulnerabilities, just one of them considered Critical and the remaining seven rated Important. Only two vulnerabilities impacting Windows DNS server and Windows WINS server have been publicly disclosed ahead of the release of the security updates, with the rest of the issues having been privately reported to Microsoft.
“The March 2009 release contains 3 new bulletins, 1 of which has a maximum severity of "Critical." MS09-006 - Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690); MS09-007 - Vulnerability in SChannel Could Allow Spoofing (960225); MS09-008 - Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238). We also revised bulletin MS08-052 Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593), to note a revision to some of the packages associated with this bulletin (specifically 938464),” revealed Bill Sisk, Microsoft Security Response Center Communications Manager.
Windows Kernel Input Validation Vulnerability – CVE-2009-0081 is the Critical issue affecting not only Vista SP1 and XP SP3, but also Windows Server 2008 and Windows Server 2003. According to Microsoft, “a remote code execution vulnerability exists in the Windows kernel due to improper validation of input passed from user mode through the kernel component of GDI. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Vista SP1 and XP SP3 are also affected by the Windows Kernel Handle Validation Vulnerability – CVE-2009-0082 (Important) and the SChannel Spoofing Vulnerability – CVE-2009-0085 (also Important). The video at the bottom of this article features insight on all the vulnerabilities patched on March 10.
“This month we are adding another new video feature. In addition to the entire security bulletin webcast recordings being posted for you to playback (available later this week), we are also providing a short, five to ten minute overview of the bulletins we have released. These clips will focus on the severity of the issue and the exploitability index ratings we have assigned them in order to help you get a quick understanding of the impact to your environment,” explained Jerry Bryant, Sr. Security Program Manager.