Zscaler Security Advisories

Security Advisory - August 10, 2010

Zscaler Provides Protection for 8 New Microsoft Vulnerabilities

  1. Overview

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following eight web based, client-side vulnerabilities included in the August 2010 Microsoft security bulletins. Zscaler clients are protected from the following vulnerabilities simply by leveraging the Zscaler platform, without the need to take any further action.

MS10-060 – Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution

Severity: Critical
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

CVE-2010-0019 - Microsoft Silverlight Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Silverlight handles pointers. The vulnerability could allow remote code execution when a user visits a specially crafted web site that contains Silverlight content.

MS10-053 – Cumulative Security Update for Internet Explorer

Severity: Critical
Affected Software

  • Internet Explorer 6
  • Internet explorer 7
  • Internet Explorer 8

CVE-2010-1258 - Event Handler Cross-Domain Vulnerability

Description: An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted web page that could allow information disclosure if a user viewed the Web page and then interacts with the browser window using the mouse.

CVE-2010-2556 - Uninitialized Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the Web page, the vulnerability could allow remote code execution.

CVE-2010-2557 - Uninitialized Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.

CVE-2010-2558 - Race Condition Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that may have been corrupted due to a race condition. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.

CVE-2010-2559 - Uninitialized Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the Web page, the vulnerability could allow remote code execution.

CVE-2010-2560 - HTML Layout Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted web page. When a user views the web page, the vulnerability could allow remote code execution.

MS10-049 – Vulnerabilities in SChannel could allow Remote Code Execution

Severity: Critical
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

CVE-2009-3555 - TLS/SSL Renegotiation Vulnerability

Description: A spoofing vulnerability exists in the TLS/SSL protocol, implemented in the Microsoft Windows SChannel authentication component. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL protected connection, effectively sending traffic spoofing the authenticated client.

Note: This vulnerability stems from an issue previously discussed in Microsoft Security Advisory 977377, first released on February 9, 2010. This vulnerability affected multiple vendors, however Zscaler was not affected, therefore, customers leveraging Zscaler’s SSL inspection capabilities, have not been impacted by this issue.