
CERT RENATER advisories

By default, this page shows the latest messages sent by CERT RENATER to the community. You can filter by year or by message type. If no criterion is specified, only the most recent messages are displayed.

Date: Wed, 11 May 2016 12:34:37 +0200
Type: VULN
Subject: CERT-Renater : 2016/VULN193 (Microsoft : Critical Security Update for Microsoft Office)
===================================================================
                               CERT-Renater

                   Information Note No. 2016/VULN193
_____________________________________________________________________

DATE                : 11/05/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Microsoft Office versions 2007,
                     2010, 2013, 2016,
                     Microsoft Office Compatibility Pack,
                     Microsoft Office Word Viewer.

======================================================================
KB3155544
https://technet.microsoft.com/en-us/library/security/MS16-054
____________________________________________________________________

Microsoft Security Bulletin MS16-054: Security Update for Microsoft
Office (3155544)

Document Metadata

Bulletin Number: MS16-054

Bulletin Title: Security Update for Microsoft Office

Severity: Critical

KB Article: 3155544

Version: 1.0

Published Date: May 10, 2016

Executive Summary

This security update resolves vulnerabilities in Microsoft Office. The
vulnerabilities could allow remote code execution if a user opens a
specially crafted Microsoft Office file. An attacker who successfully
exploited the vulnerabilities could run arbitrary code in the context
of the current user. Customers whose accounts are configured to have
fewer user rights on the system could be less impacted than those who
operate with administrative user rights.


Affected Software

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 2
Microsoft Word 2013 RT Service Pack 1
Microsoft Office 2016
Microsoft Word 2016
Microsoft Word 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Word Viewer


Vulnerability Information

Multiple Microsoft Office Memory Corruption Vulnerabilities

Multiple remote code execution vulnerabilities exist in Microsoft Office
software when the Office software fails to properly handle objects in
memory. An attacker who successfully exploited the vulnerabilities
could run arbitrary code in the context of the current user. If the
current user is logged on with administrative user rights, an attacker
could take control of the affected system. An attacker could then
install programs; view, change, or delete data; or create new accounts
with full user rights. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who
operate with administrative user rights.
Exploitation of the vulnerabilities requires that a user open a
specially crafted file with an affected version of Microsoft Office
software. In an email attack scenario an attacker could exploit the
vulnerabilities by sending the specially crafted file to the user and
convincing the user to open the file. In a web-based attack scenario an
attacker could host a website (or leverage a compromised website that
accepts or hosts user-provided content) that contains a specially
crafted file that is designed to exploit the vulnerabilities. An
attacker would have no way to force users to visit the website. Instead,
an attacker would have to convince users to click a link, typically by
way of an enticement in an email or Instant Messenger message, and then
convince them to open the specially crafted file. The security update
addresses the vulnerabilities by correcting how Office handles objects
in memory.
The following tables contain links to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:


Vulnerability title                                CVE number      Publicly disclosed   Exploited
Microsoft Office Memory Corruption Vulnerability   CVE-2016-0126   No                   No
Microsoft Office Memory Corruption Vulnerability   CVE-2016-0140   No                   No
Microsoft Office Memory Corruption Vulnerability   CVE-2016-0198   No                   No


Microsoft Office Graphics RCE Vulnerability - CVE-2016-0183

A remote code execution vulnerability exists when the Windows font
library improperly handles specially crafted embedded fonts. An attacker
who successfully exploited this vulnerability could take control of the
affected system. An attacker could then install programs; view, change,
or delete data; or create new accounts with full user rights. Users
whose accounts are configured to have fewer user rights on the system
could be less impacted than users who operate with administrative user
rights.
There are multiple ways an attacker could exploit this vulnerability. In
a web-based attack scenario, an attacker could host a specially crafted
website that is designed to exploit this vulnerability, and then
convince a user to view the website. An attacker would have no way to
force a user to view the attacker-controlled content. Instead, an
attacker would have to convince a user to take action, typically by
getting the user to click a link in an email message or in an Instant
Messenger message that takes the user to the attacker's website, or by
opening an attachment sent through email.
In a file sharing attack scenario, an attacker could provide a specially
crafted document file that is designed to exploit the vulnerability, and
then convince a user to open the document file.

Note that where the severity is indicated as Critical in the Affected
Software and Vulnerability Severity Ratings table, the Preview Pane is
an attack vector for CVE-2016-0183. The security update addresses the
vulnerability by correcting how the Windows font library handles
embedded fonts.

The following tables contain links to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability title                           CVE number      Publicly disclosed   Exploited
Microsoft Office Graphics RCE Vulnerability   CVE-2016-0183   No                   No

==========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================
