MS Issues Two Fixes for Patch Tuesday

Microsoft issued two more critical patches as part of its regular Patch Tuesday security update, including a fix for a vulnerability when viewing embedded Web fonts and a flaw in the decoding of TNEF messages. The company included its WMF fix with the monthly security updates, although a patch for the issue has been available since January 5.

The first patch fixes a problem in how Windows displays embedded Web fonts. The flaw could enable malformed fonts to be used as a way to execute code on a remote system. The vulnerability could be exploited through either a malicious Web site or specially crafted e-mail message, Microsoft said.

The flaw was first reported to Microsoft by security firm eEye Digital Security in March of this year, and affects all versions of the operating since Windows NT and Windows 98. According to an advisory discussing the vulnerability, the problem has been traced back to a heap overflow issue in T2EMBED.DLL.

The second patch pertains to a remote code execution vulnerability in the way Microsoft Outlook and Exchange handle Transport Neutral Encapsulation Formation MIME attachments. An attacker could create a TNEF message that would exploit this flaw when the e-mail is previewed, or Exchange Server processes the message.

Microsoft has credited John Heasman and Mark Litchfield of NGS Software for alerting the company to the problem. The flaw affects Microsoft Office 2000, XP and Office 2003, as well as Microsoft Exchange Server 5.0, 5.5 and 2000 Service Pack 3.

The issue does not affect Microsoft Exchange Sever 2003 SP1 and SP2, Microsoft said.

Both flaws are said to allow for remote code execution that could give a hacker complete control of a user's system, and the patches are available for download from the Microsoft Download Center and Microsoft Update.

The next security update has been scheduled for February 14, 2006.