Title

Microsoft JScript and VBScript Engines Remote Code Execution Vulnerability (Cat II impact)

Discussion

Microsoft has released a security bulletin addressing a vulnerability in the JScript and VBScript scripting engines. JScript and VBScript (Visual Basic Script) are interpreted, object-based scripting language that is often used to make Web sites more flexible or interactive. To exploit this vulnerability, an attacker would host a malicious web site and entice a user to access the site or click a malicious link sent via email. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code and compromise affected systems.

Check Content

See IAVM notice and vendor bulletin for additional information. Microsoft bulletin MS12-056 (2706045) Vulnerable Applications/Systems: Windows XP Professional x64 Edition SP2 Windows Server 2003 x64 SP2 Windows Vista x64 SP2 Windows Server 2008 x64 SP2 Windows 7 and Windows 7 SP1 (x64) Windows Server 2008 R2 and Windows Server 2008 R2 SP1 (x64 and Itanium) Verify the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems\Applications not listed below. Jscript.dll Windows XP SP2 x64 - 5.8.6001.23380 Windows 2003 SP2 x64 - 5.8.6001.23380 Windows Vista SP2 / 2008 SP2 - 5.8.6001.19293 or 23380 Windows 7 / 2008 R2 - 5.8.7600.17045 or 21238 Windows 7 SP1 / 2008 R2 SP1 - 5.8.7601.17866 or 22024 Vbscript.dll Windows XP SP2 x64 - 5.8.6001.23380 Windows 2003 SP2 x64 - 5.8.6001.23380 Windows Vista SP2 / 2008 SP2 - 5.8.6001.19293 or 23380 Windows 7 / 2008 R2 - 5.8.7600.17045 or 21238 Windows 7 SP1 / 2008 R2 SP1 - 5.8.7601.17866 or 22024

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-33654

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.