Security Advisory - August 10, 2010
Zscaler Provides Protection for 8 New Microsoft Vulnerabilities
Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following eight web-based, client-side vulnerabilities included in the August 2010 Microsoft security bulletins. Zscaler clients are protected from the following vulnerabilities simply by leveraging the Zscaler platform, without the need to take any further action.
MS10-060 – Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution
Severity: Critical
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
CVE-2010-0019 - Microsoft Silverlight Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Silverlight handles pointers. The vulnerability could allow remote code execution when a user visits a specially crafted web site that contains Silverlight content.
MS10-053 – Cumulative Security Update for Internet Explorer
Severity: Critical
Affected Software
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
CVE-2010-1258 - Event Handler Cross-Domain Vulnerability
Description: An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted web page that could allow information disclosure if a user views the web page and then interacts with the browser window using the mouse.
CVE-2010-2556 - Uninitialized Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.
CVE-2010-2557 - Uninitialized Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.
CVE-2010-2558 - Race Condition Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that may have been corrupted due to a race condition. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.
CVE-2010-2559 - Uninitialized Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.
CVE-2010-2560 - HTML Layout Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.
MS10-049 – Vulnerabilities in SChannel Could Allow Remote Code Execution
Severity: Critical
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
CVE-2009-3555 - TLS/SSL Renegotiation Vulnerability
Description: A spoofing vulnerability exists in the TLS/SSL protocol, implemented in the Microsoft Windows SChannel authentication component. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL-protected connection, effectively sending traffic spoofing the authenticated client.
Note: This vulnerability stems from an issue previously discussed in Microsoft Security Advisory 977377, first released on February 9, 2010. This vulnerability affected multiple vendors; however, Zscaler was not affected, so customers leveraging Zscaler’s SSL inspection capabilities have not been impacted by this issue.