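Microsoft has released five patches that fix eight vulnerabilities, including a "critical" zero-day flaw that affects Vista.
Four of the patches fix flaws in Windows; three are rated "critical" and the other is rated "important". The Windows patches include one for a zero-day flaw first discovered last December. Security experts initially misjudged the flaw as not serious, believing that only users with access to a vulnerable computer could exploit it.
In security bulletin MS07-021, Microsoft said the flaw is in a Windows component called the Client/Server Run-time Subsystem and affects all current Windows versions. If a user visits a specially crafted malicious website, an attacker who successfully exploits the flaw can take complete control of the affected system.
MS07-021 is the only patch released this Tuesday that affects Vista; all of the patches affect Windows XP. The flaws fixed include a critical vulnerability in Microsoft Agent, which also affects Windows 2000 and Windows Server 2003.
温斯, a product manager at Symantec Security Response, said in an e-mailed statement that among the patches Microsoft released in April, those for the Client/Server Run-time Subsystem and Microsoft Agent are the most serious. He said that because they affect multiple Windows versions, the likelihood of exploitation is greatly increased, and these patches are critical.
There is also a critical flaw in the Plug and Play feature of Windows XP. In security bulletin MS07-019, Microsoft said an attacker can exploit the flaw without the user taking any action, but the attacker must be on the same subnet as the target computer. The attack may be blocked by a firewall.
Tom, a researcher at IBM's Internet Security Systems, said that even so, attackers appear to be heavily exploiting this Plug and Play flaw. In an e-mailed statement, Tom said that because it is so easy to exploit, "we take the Universal Plug and Play flaw very seriously," and that malicious code exploiting it is expected to appear by the end of this week.
The fifth security bulletin released this Tuesday, MS07-018, fixes two flaws in Content Management Server, one of which is rated "critical"; by exploiting it, an attacker can gain control of websites that use the Microsoft software.
Vista之家 (www.vista123.com) provides the original English text below: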
Five patches have been released for bugs in Microsoft's Windows operating system and another for a critical flaw in Microsoft Content Management Server.
Microsoft released six fixes, including one for a critical bug in Windows Vista, in its monthly Patch Tuesday security update. Five of the six bugs were given a critical rating. The sixth bug was rated important.
Five of the patches were for bugs in Microsoft's Windows operating system -- four of them are rated critical and one is rated as important. The other patch was for a critical flaw in Microsoft Content Management Server.
April's Patch Tuesday is the first security update since Microsoft skipped its monthly security update in March. However, Microsoft issued an emergency patch last week for a .ANI vulnerability that was being heavily exploited. That emergency patch was reissued in today's security update.
"There are quite a few surprises," said Johannes Ullrich, chief research officer at the SANS Institute and chief technology officer for the Internet Storm Center. "It's surprising to have such a large list of critical ones. There's usually one or two critical bugs being fixed. This time there's one important and the rest are critical."
Ullrich also noted in an interview that a few of the areas being patched have been patched before. The first bug to be found in Windows XP was in the Universal Plug and Play capability, which is being patched today. Ullrich also pointed out that there have been several vulnerabilities fixed in Microsoft Agent, which is software designed to make it easier for developers to enhance the user interface of applications and Web pages. Microsoft patched a critical bug in it today, as well.
While Ullrich said these are all different bugs than the others found earlier in these applications, it's curious to see more bugs in software that has already gotten the once -- or twice -- over.
Tuesday's security update includes a patch for a critical bug in CSRSS, a message function in Windows Vista, which could enable remote code execution. The bug does affect other Windows versions, including Windows 2000 and Windows XP, but gained the most attention for affecting the highly touted Windows Vista operating system.
It was the first publicly disclosed bug in Windows Vista. Researchers at Determina reported the bug to Microsoft last December.
"Arbitrary code execution is possible, but requires a great deal of luck, though a denial-of-service is definitely possible," wrote Peter Ferrie, a security response engineer for Symantec, in a blog posted this past January.
"Why the fuss? Simply put, successful exploitation of the bug allows even the most restricted user-mode application to elevate its privileges to the System level. From there, the kernel is accessible even on Vista."
The other patches cover a critical flaw in Microsoft Content Management Server that could enable remote code execution; a critical vulnerability in Universal Plug and Play that could enable remote code execution; and a critical flaw in Microsoft Agent that could enable remote code execution.
The vulnerability rated important is in the Windows Kernel. The bug enables an elevation of privilege.
Symantec's Security Response Team rates the Microsoft Agent vulnerability to be the most critical of today's security bulletins since a successful exploit could allow an attacker to install malicious code and gain complete control of the affected system.
The patches can be automatically updated or users can go to this Web site to download them manually.



