Nortel Response to Microsoft Security Bulletin MS09-022
| Description: |
On Tuesday, June 9th, Microsoft released MS09-022 - Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501). This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. The update addresses the vulnerabilities by changing the way the print spooler parses certain printing data structures, limiting the location where separator pages or embedded files can be read by the Windows Printing Service, and restricting the paths from which the print spooler can load a DLL. Some Nortel products contain this Microsoft software as a component and thus are potentially affected by the vulnerabilities. This bulletin contains a consolidated, multi-product response to the Microsoft update. MS09-022 addresses the following CVEs: 1) Buffer Overflow in Print Spooler Vulnerability - CVE-2009-0228 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0228 A remote code execution vulnerability exists in the Windows Print Spooler that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. 2) Print Spooler Read File Vulnerability - CVE-2009-0229 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0229 A local, authenticated information disclosure vulnerability exists in the Windows Printing Service that could allow a user to read or print any file on the system. This action can be taken even if the user does not have administrative access. However, the vulnerability could not be exploited re |
| Type: |
Security Advisories |
| Number: |
2009009558, Rev 1 |
| Status: |
Retired |
| Date: |
2009-12-10 |
