Update Protection against Microsoft WordPad Word 97 Text Converter Memory Corruption Vulnerability (MS10-067)
| Check Point Reference: | CPAI-2010-263 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS10-067 | |
| Industry Reference(s): | CVE-2010-2563 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Windows XP SP3
Windows XP Professional x64 Edition SP2
Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Server 2003 with SP2 (Itanium)
| ||
| Vulnerability Description A remote code execution vulnerability has been reported in Microsoft WordPad. WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 97 file format. A remote attacker can exploit this vulnerability via a specially crafted Word 97 document. Successful exploitation may allow execution of arbitrary code on a vulnerable system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS10-067 |
|
|
Vulnerability Details The vulnerability is due to a memory corruption error in the WordPad text converter that fails to correctly parse specific fields in a Word 97 document. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted document. Successful exploitation of this issue allows execution of arbitrary code once a malformed file is being loaded on a vulnerable system. |
Protection Overview
This protection will detect and block the transferring of malformed Word files over HTTP.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense,go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.