
UNIRAS Brief - 445/05 - Macromedia Security Bulletin: MPSB05-04 - Potential Security Risk with



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 445/05 dated 10.06.05  Time: 15:45  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Macromedia Security Bulletin: MPSB05-04 - Potential Security Risk with 
Macromedia eLicensing Client Activation Code

Detail
====== 

Windows versions of the Macromedia installers and eLicensing 
client install a service with permissions that allow any 
member of the "Users" group to modify the service settings.  
This may allow local users to obtain the permissions of the 
"Local System" account.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
MPSB05-04 Security Bulletin - Potential Security Risk with 
Macromedia eLicensing Client Activation Code 
		
Originally posted: June 9, 2005 

http://www.macromedia.com/go/mpsb05-04  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
	
Summary:

Windows versions of the Macromedia installers and eLicensing 
client install a service with permissions that allow any 
member of the "Users" group to modify the service settings.  
This may allow local users to obtain the permissions of the 
"Local System" account.

This potential vulnerability does not affect products 
installed on machines with a single user, and it cannot be 
exploited remotely. 

~~~~~~~ 
		
Solution: 
		
A hotfix can be downloaded from the Macromedia website to 
protect users of affected versions of Macromedia products, 
listed below. 

Download hotfix here: 
http://www.macromedia.com/go/mpsb05-04  

All future versions of Macromedia products will be unaffected 
by this issue. 

~~~~~~~ 

Affected Software Versions:  
		
All versions of Macromedia MX 2004 products (Studio, Studio 
with Flash Professional, Flash Professional, Flash, FreeHand, 
Dreamweaver, Fireworks, and Director) as well as Captivate, 
Contribute 2, and Contribute 3 are affected.
	
~~~~~~~ 
	
Severity Rating: 
		
Macromedia categorizes this issue as an Important update 
and recommends that administrators of systems supporting 
multiple users apply the patch located here: 
http://www.macromedia.com/go/mpsb05-04   
		
~~~~~~~ 

Details: 
		
Windows versions of the Macromedia installers and eLicensing 
client install the 'Macromedia Licensing Service' as a Local 
System service with a service Access Control List (ACL) that 
allows members of the "Users" group to modify the service 
configuration information. This information includes the 
service's "path to executable," which identifies the command 
that is run when the service is started. By replacing the 
default setting with an alternate file or command, any 
logged-on user may be able to run arbitrary code in the 
security context of the Local System account. 
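As an added defender-side check that is not part of the bulletin: the script below parses the SDDL string that `sc sdshow <ServiceName>` prints for a Windows service and flags every allow ACE that gives a broad principal (Users, Authenticated Users, Everyone, Interactive) SERVICE_CHANGE_CONFIG, WRITE_DAC, WRITE_OWNER or a generic write/all right, i.e. the ability to change "path to executable" or the ACL itself. The two SDDL strings at the bottom are constructed samples, not the Macromedia Licensing Service's real ACL.

```python
import re

# SDDL two-letter right codes and the access-mask bits they stand for (Windows SDK values).
RIGHT_CODES = {
    "CC": 0x0001, "DC": 0x0002, "LC": 0x0004, "SW": 0x0008, "RP": 0x0010,
    "WP": 0x0020, "DT": 0x0040, "LO": 0x0080, "CR": 0x0100,
    "SD": 0x00010000, "RC": 0x00020000, "WD": 0x00040000, "WO": 0x00080000,
    "GA": 0x10000000, "GX": 0x20000000, "GW": 0x40000000, "GR": 0x80000000,
}
# Rights that let the holder repoint "path to executable" or rewrite the service ACL.
TAKEOVER_RIGHTS = {
    0x0002: "SERVICE_CHANGE_CONFIG", 0x00040000: "WRITE_DAC", 0x00080000: "WRITE_OWNER",
    0x40000000: "GENERIC_WRITE", 0x10000000: "GENERIC_ALL",
}
# Principals that every interactive local account belongs to (alias or raw SID form).
BROAD_SIDS = {
    "BU": "Users", "S-1-5-32-545": "Users", "AU": "Authenticated Users",
    "S-1-5-11": "Authenticated Users", "WD": "Everyone", "S-1-1-0": "Everyone",
    "IU": "Interactive", "S-1-5-4": "Interactive",
}
ACE_RE = re.compile(r"\(([^)]*)\)")

def parse_rights(field):
    """Convert an SDDL rights field (e.g. 'CCDCLCSW' or '0x1201bf') to an access mask."""
    if field.lower().startswith("0x"):
        return int(field, 16)
    mask = 0
    for i in range(0, len(field), 2):
        mask |= RIGHT_CODES[field[i:i + 2]]
    return mask

def weak_service_aces(sddl):
    """List (principal, [rights]) for each allow ACE in the DACL that hands a broad
    principal a right from TAKEOVER_RIGHTS. An empty list means the ACL is sane."""
    if "D:" not in sddl:
        return []
    dacl = sddl.split("D:", 1)[1].split("S:", 1)[0]   # drop owner/group and the SACL
    findings = []
    for ace in ACE_RE.findall(dacl):
        fields = ace.split(";")            # type;flags;rights;obj_guid;inh_guid;sid
        if fields[0] != "A" or fields[5] not in BROAD_SIDS:
            continue
        mask = parse_rights(fields[2])
        granted = [name for bit, name in TAKEOVER_RIGHTS.items() if mask & bit]
        if granted:
            findings.append((BROAD_SIDS[fields[5]], granted))
    return findings

# Constructed samples: WEAK_SDDL gives Users DC (SERVICE_CHANGE_CONFIG), the pattern the
# bulletin describes; FIXED_SDDL gives Users only the usual query/status rights.
WEAK_SDDL = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
             "(A;;CCDCLCSWRPWPDTLOCRRC;;;BU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)")
FIXED_SDDL = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
              "(A;;CCLCSWLOCRRC;;;BU)")
```

On a Windows host, feed the string printed by `sc sdshow <ServiceName>` to weak_service_aces; a non-empty result for a service that runs as Local System is the condition the bulletin warns about.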

~~~~~~~ 

Acknowledgements:  
		
Macromedia would like to thank our colleagues at Macrovision, 
Adobe, and Autodesk for their cooperation on this issue.   
		
~~~~~~~ 

Revisions: 
		
June 9, 2005 - Bulletin first created. 

~~~~~~~ 
		
Reporting Security Issues:  
		
Macromedia is committed to addressing security issues and 
providing customers with the information on how they can 
protect themselves. If you identify what you believe may 
be a security issue with a Macromedia product, please send 
an e-mail to secure@xxxxxxxxxxxxxxx. We will work to 
appropriately address and communicate the issue. 
		
~~~~~~~ 

Receiving Security Bulletins: 

When Macromedia becomes aware of a security issue that we 
believe significantly affects our products or customers, 
we will notify customers when appropriate. Typically this 
notification will be in the form of a security bulletin 
explaining the issue and the response. Macromedia customers 
who would like to receive notification of new security 
bulletins when they are released can sign up for our 
security notification service. 

For additional information on security issues at Macromedia, 
please visit: 
http://www.macromedia.com/security. 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
ANY INFORMATION, PATCHES, DOWNLOADS, WORKAROUNDS OR FIXES 
PROVIDED BY MACROMEDIA IN THIS BULLETIN ARE PROVIDED "AS IS" 
WITHOUT WARRANTY OF ANY KIND. MACROMEDIA AND ITS SUPPLIERS 
DISCLAIM ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED OR 
OTHERWISE, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND 
FITNESS FOR A PARTICULAR PURPOSE. ALSO, THERE IS NO WARRANTY 
OF NON-INFRINGEMENT, TITLE OR QUIET ENJOYMENT. (USA ONLY) 
SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, 
SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. 

IN NO EVENT SHALL MACROMEDIA, INC. OR ITS SUPPLIERS BE 
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT 
LIMITATION, DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, 
SPECIAL, PUNITIVE, COVER, LOSS OF PROFITS, BUSINESS 
INTERRUPTION OR THE LIKE, OR LOSS OF BUSINESS DAMAGES, 
BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF 
CONTRACT, BREACH OF WARRANTY, TORT(INCLUDING NEGLIGENCE), 
PRODUCT LIABILITY OR OTHERWISE, EVEN IF MACROMEDIA, INC. 
OR ITS SUPPLIERS OR THEIR REPRESENTATIVES HAVE BEEN 
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. (USA ONLY) 
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF 
LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE 
ABOVE EXCLUSION OR LIMITATION MAY NOT APPLY TO YOU AND 
YOU MAY ALSO HAVE OTHER LEGAL RIGHTS THAT VARY FROM STATE 
TO STATE. 

Macromedia reserves the right, from time to time, to 
update the information in this document with current 
information. 

Macromedia, 601 Townsend St., San Francisco, California 94103 




- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Macromedia for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark, manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________