Two Remote Code Execution Vulnerabilities Included in January Microsoft Patch Tuesday Content
( CVE-2010-3145, CVE-2011-0027 )
Summary
Two Windows remote code execution vulnerabilities have been disclosed by Microsoft. The first is a flaw in the Windows System Restore feature, and the second exists in the Data Access Components database access subsystem. Exploitation of either issue can allow a remote attacker to execute arbitrary code on the targeted system.
Details
The Windows System Restore feature is provided by the Windows Backup Manager program (sdclt.exe), and allows a user to restore a computer's system files to an earlier point in time. The vulnerability is due to Backup Manager not properly restricting the path used to load external libraries. An attacker can place a malicious .DLL file in the same directory as a legitimate .wbcat (Windows Backup Catalog) file. Opening the .wbcat file will cause Backup Manager to attempt to load the malicious .DLL file and execute the code within it, giving the attacker complete control of the targeted system.
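The following is an added illustration, not code from the advisory or from Microsoft: a small Python model of unqualified DLL name resolution that shows why loading a library by bare name from a process whose current directory is the opened document's folder can pick up a planted DLL, and how restricting the search path to the system directories prevents it. The file layout, the directory names, the DLL name `helper.dll` and the simplified search order (application directory, then system directories, then the current directory, modelled on Windows safe DLL search mode) are all constructed assumptions for this example.

```python
"""Constructed model of Windows DLL name resolution (not from the advisory).

Shows the vulnerable pattern (bare-name load that falls through to the
current directory), the hardened pattern (system directories only), and a
defender check that lists DLLs sitting next to a document that an
unrestricted load would resolve to.
"""
from pathlib import PureWindowsPath

# Constructed file system: directory -> file names present there.
# D:\Share\Backups stands in for an attacker-writable folder holding a
# legitimate .wbcat catalog next to a planted DLL.
FILESYSTEM = {
    r"C:\Windows\System32": {"kernel32.dll", "ole32.dll"},
    r"C:\Program Files\BackupApp": {"sdclt.exe"},
    r"D:\Share\Backups": {"catalog.wbcat", "helper.dll", "ole32.dll"},
}

APP_DIR = r"C:\Program Files\BackupApp"      # assumed application directory
SYSTEM_DIRS = [r"C:\Windows\System32"]        # assumed trusted system directory
DOC_DIR = r"D:\Share\Backups"                 # folder of the opened .wbcat file


def safe_search_order(app_dir, current_dir):
    """Simplified safe DLL search order (assumption): application directory,
    system directories, then the process's current directory, which after
    opening a document is typically that document's folder."""
    return [app_dir, *SYSTEM_DIRS, current_dir]


def resolve_dll(name, search_dirs, fs=FILESYSTEM):
    """Vulnerable pattern: an unqualified load takes the first directory in
    search order that contains a file of that name. Returns the full path
    or None if nothing matches anywhere."""
    wanted = name.lower()
    for directory in search_dirs:
        names = {f.lower() for f in fs.get(directory, ())}
        if wanted in names:
            return str(PureWindowsPath(directory) / name)
    return None


def resolve_dll_restricted(name, fs=FILESYSTEM):
    """Hardened pattern: only the system directories are consulted, the
    equivalent of loading by fully qualified path or limiting the search
    path so the document's directory is never searched."""
    return resolve_dll(name, SYSTEM_DIRS, fs)


def planted_dlls(doc_dir, fs=FILESYSTEM):
    """Defender check: DLLs next to a document whose names do not exist in
    any system directory. Under an unrestricted load these are exactly the
    names that would resolve to the document folder."""
    system_names = {f.lower() for d in SYSTEM_DIRS for f in fs.get(d, ())}
    return sorted(
        f for f in fs.get(doc_dir, ())
        if f.lower().endswith(".dll") and f.lower() not in system_names
    )


if __name__ == "__main__":
    order = safe_search_order(APP_DIR, DOC_DIR)
    # A name that exists in System32 is served from there even though a copy
    # sits next to the document: safe search mode protects it.
    print("ole32.dll  ->", resolve_dll("ole32.dll", order))
    # A name absent from the system directories falls through to the
    # document folder: this is the planting scenario the advisory describes.
    print("helper.dll ->", resolve_dll("helper.dll", order))
    # With the search path restricted, the planted file is never found.
    print("helper.dll (restricted) ->", resolve_dll_restricted("helper.dll"))
    print("planted candidates in", DOC_DIR, "->", planted_dlls(DOC_DIR))
```

The distinction the model makes is the one that matters for triage: a DLL name the application expects to find in System32 is safe under safe DLL search mode, while any name the application loads that has no system copy is resolved from wherever the process happens to be running, so the fix is to stop consulting that location rather than to police the document folder.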
Microsoft Data Access Components (MDAC) allow programs to access databases and manipulate the data within them. The vulnerability is due to an error in MDAC that fails to correctly allocate memory when handling internal data structures. A remote attacker could leverage this issue by hosting a specially crafted Web site designed to trigger the flaw and convincing a user to view that site. Successful exploitation could allow the attacker to take complete control of the affected system.
Affected Products
Please consult the CPAI pages linked below for products affected by each of these vulnerabilities.
Solutions
Check Point IPS Software Blade, IPS-1, and SmartDefense provide network protection against these vulnerabilities in the latest IPS update by detecting and blocking attempts to exploit them. For more information about the System Restore vulnerability, see CPAI-2011-002. To learn more about the Data Access Components flaw, see CPAI-2011-004.
Originally Published:
Last Updated: 11-Jan-2011