Microsoft Protections at Juniper Networks
As a member of the Microsoft Active Protection Program (MAPP) 
, Juniper Networks provides its customers with updated software protection information to address vulnerability exposures issued by Microsoft Security Advisory.
MICROSOFT SECURITY ADVISORY (26396580): VULNERABILITY IN TRUETYPE FONT PARSING COULD ALLOW ELEVATION OF PRIVILEGE
Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.
Juniper Networks protects against this vulnerability with the following signature:
HTTP: Microsoft Windows TrueType Font Parsing Remote Code Execution
Released Nov. 4, 2011
This signature detects attempts to exploit a known vulnerability against Microsoft Windows TrueType Font. A successful attack can lead to arbitrary code execution.
Product versions that are covered:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2**
- Windows Server 2008 for x64-based Systems Service Pack 2**
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1**
- Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
References:
-
http://support.microsoft.com/kb/2639658
-
http://technet.microsoft.com/en-us/security/advisory/2639658
-
CVE-2011-3402
If you have questions about Juniper's coverage for Microsoft vulnerabilities, please submit your inquiry to: mapp@Juniper.net.
Latest Security & Mobility Now Blog Posts
Security Products
Related Software
