Microsoft has released patches for two critical security flaws in its software products. The patches fix a problem in the Windows operating system, as well as a bug in the Outlook and Exchange messaging software, all of which could theoretically be exploited by attackers to seize control of an unpatched computer.
The Windows bug (http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx) relates to the way the OS processes embedded Web fonts, which are used by Web page authors to ensure that their pages are displayed exactly as intended. By tricking a user into visiting a Web page with a specially formed embedded Web font, an attacker could, in theory take complete control of an affected system, Microsoft warned on its website.
The second vulnerability (http://www.microsoft.com/technet/security/Bulletin/MS06-003.mspx) relates to the Transport Neutral Encapsulation Format (TNEF) encoding format used by Outlook and Exchange. In theory, attackers could send specially crafted email messages to unpatched Exchange servers or Outlook clients that could then be used to seize control of the systems running the messaging software.
Because hackers have not yet published code that shows how to exploit these bugs, the two vulnerabilities are not considered as dangerous as the Windows Windows Metafile Format (WMF) flaw that Microsoft patched late last week. But the flaws are critical, and security experts suggest that it may only be a matter of time before they are exploited.
The Web fonts bug seemed like it would be the easier of the two for attackers to exploit, technical product manager for Internet Security Systems's X-Force research team, Alain Sergile, said. But because the TNEF bug could affect server software as well as the client, it is particularly noteworthy, he said.
"We deem this one very critical and very serious because of the criticality of Exchange within organisations," Sergile said.
Microsoft rates the Web fonts bug as critical for Windows 98, 2000 and XP users. The TNEF flaw is rated critical for Outlook 2000, 2002 and 2003, as well as Exchange Server 5.0 and 5.5 and Exchange 2000 server. This latter flaw also affects users running the Office Multilingual User Interface Packs.