Check: 2010-B-0090
Windows 7 IAVM: 2010-B-0090 (in version v1 r32)
Title
Microsoft Windows Common Control Library Remote Code Execution Vulnerability (Cat II impact)
Discussion
Microsoft has reported a vulnerability affecting the Microsoft Windows Common Control Library. The common controls are a set of windows that are implemented by the common control library, Comctl32.dll, which is a DLL included with the Windows operating system. Like other control windows, a common control is a child window that an application uses in conjunction with another window to enable interaction with the user. To exploit this vulnerability, an attacker would entice a user to access a malicious or compromised web site. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code and compromise the affected system. At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

Comctl32 Heap Overflow Vulnerability (CVE-2010-2746): A remote code execution vulnerability exists in the way that the Windows common control library renders specially crafted Web sites when using a third-party scalable vector graphics (SVG) viewer. This vulnerability could allow code execution if a user visited a specially crafted Web page.
Check Content
See IAVM notice and vendor bulletin for additional information. Microsoft Bulletin MS10-081 (2296011).

Vulnerable Applications/Systems:

- Windows XP SP 3
- Windows XP Professional x64 Edition SP 2
- Windows Server 2003 SP 2 (x86, x64 and Itanium)
- Windows Vista SP 1 and SP 2 (x86 and x64)
- Windows Server 2008 and Windows Server 2008 SP 2 (x86*, x64* and Itanium)
- Windows 7 (x86 and x64)
- Windows Server 2008 R2 (x64* and Itanium)

*Server Core installation affected.

Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems/Applications not listed below.

Comctl32.dll

Operating System | Version |
---|---|
Windows XP SP3 | 5.82.2900.6028 or 6.0.2900.6028 |
Windows XP SP2 x64 | 5.82.3790.4771 or 6.0.3790.4770 |
Windows 2003 SP2 | 5.82.3790.4771 or 6.0.3790.4770 |
Windows Vista SP1 / 2008 | 5.82.6001.18523 or 22755, or 6.10.6001.18523 or 22755 |
Windows Vista SP2 / 2008 SP2 | 5.82.6002.18305 or 22480, or 6.10.6002.18305 or 22480 |
Windows 7 and 2008 R2 | Fixed by SP1 |
Windows 7 / 2008 R2 | 5.82.7600.16661 or 20787, or 6.1.7600.16661 or 20787 |
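A script that applies the Comctl32.dll version table above to a version string read from the file's properties, added here as an example and not part of the IAVM notice or the vendor bulletin. The OS keys, the fail-closed handling of unlisted cases and the 20000 cutoff separating GDR from LDR revisions are assumptions of this example, not values from the check.

```python
import re
from typing import Dict, Optional, Tuple

# Minimum Comctl32.dll versions from the check content, keyed by OS and then
# by the DLL family (major, minor): (expected build, minimum GDR revision,
# minimum LDR revision or None where the check lists only one revision).
MIN_VERSIONS: Dict[str, Dict[Tuple[int, int], Tuple[int, int, Optional[int]]]] = {
    "xp_sp3":            {(5, 82): (2900, 6028, None),   (6, 0): (2900, 6028, None)},
    "xp_x64_sp2":        {(5, 82): (3790, 4771, None),   (6, 0): (3790, 4770, None)},
    "2003_sp2":          {(5, 82): (3790, 4771, None),   (6, 0): (3790, 4770, None)},
    "vista_sp1_2008":    {(5, 82): (6001, 18523, 22755), (6, 10): (6001, 18523, 22755)},
    "vista_sp2_2008sp2": {(5, 82): (6002, 18305, 22480), (6, 10): (6002, 18305, 22480)},
    "win7_2008r2":       {(5, 82): (7600, 16661, 20787), (6, 1): (7600, 16661, 20787)},
}

# Assumption: Microsoft's LDR/QFE servicing branch uses revisions >= 20000,
# so "16661 or 20787" means GDR >= 16661 or LDR >= 20787, never mixed.
LDR_BRANCH_START = 20000


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Extract the first a.b.c.d version from a file-properties or tool output line."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        raise ValueError(f"no four-part version in {text!r}")
    major, minor, build, rev = (int(p) for p in m.groups())
    return major, minor, build, rev


def is_patched(os_key: str, version_text: str) -> bool:
    """True if the observed Comctl32.dll version satisfies the check for os_key.

    Fails closed: a DLL family not listed for that OS, or an LDR revision where
    the check gives no LDR minimum, cannot be verified and returns False.
    """
    major, minor, build, rev = parse_version(version_text)
    family = MIN_VERSIONS[os_key].get((major, minor))
    if family is None:
        return False
    exp_build, gdr_min, ldr_min = family
    if build != exp_build:
        # A later build (e.g. Windows 7 SP1) includes the fix, as the check
        # states; an older build predates the listed minimum entirely.
        return build > exp_build
    if rev >= LDR_BRANCH_START:
        return ldr_min is not None and rev >= ldr_min
    return rev >= gdr_min
```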
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-25534
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |