CVE-2017-9948: Microsoft Skype ‘MSFTEDIT.DLL’ Buffer Overflow Vulnerability
Description: A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.
Impact: Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. Microsoft Skype 7.2, 7.35, 7.3.5.103, 7.36.0.101, 7.36.0.150, and 7.36 are vulnerable; other versions may also be affected.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
Reference URL’s:
- https://www.vulnerability-lab.com/get_content.php?id=2071
- https://www.vulnerability-db.com/?q=articles/2017/05/28/stack-buffer-overflow-zero-day-vulnerability-uncovered-microsoft-skype-v72-v735
- http://www.cvedetails.com/cve/CVE-2017-9948/
- http://www.securityfocus.com/bid/99281/info
- https://www.skype.com/en/download-skype/skype-for-windows/downloading/
Recommended Posts
Cisco Releases Security Updates
23 May 2018 - Security Advisories & Alerts
Subscribe here
MEMBER OF:
Mustafa Jabbar (born 12 August 1949) is the current technocrat minister of the Ministry of Post, Telecommunication and Information Technology in Bangladesh. He also served as the president of Bangladesh Association of Software and Information Services (BASIS). He is best known for the creation of Bijoy Bengali keyboard, the first Bengali keyboard in 1988, which was most widely used Bengali input method around the world. He served as the president of Bangladesh Computer Samity, the national ICT organisation of Bangladesh for four consecutive periods.
Mustafa Jabbar’s ancestral home is in Krishnapur village, Khaliajuri Upazila in Netrokona district. He was born on Ashuganj Upazila in Brahmanbaria District to his parents Abdul Jabbar Talukdar and Rabeya Khatun. Mustafa Jabbar passed his HSC examination from Dhaka College. In 1968, he enrolled in the Department of Bangla at the University of Dhaka and completed his BA in 1972 and MA in Journalism in 1974.
Mustafa Jabbar was a member of Mujib Bahini (Bangladesh Liberation Force) in 1971 and participated in the Liberation War of Bangladesh. He was involved in the movement of freedom of the press and was actively associated with the Dhaka Union of Journalists. He was elected as the Organising Secretary of Dhaka Union of Journalists (DUJ).
Mustafa Jabbar started his career as a journalist in 1972 for Daily Ganakantha until it’s shut down in 1975. In 1973, he was elected as the publicity secretary of the Dhaka Union of Journalists. He got involved in the businesses of travel agency, printing and publication. He had served as the general secretary of the Association of Travel Agents of Bangladesh (ATAB). Mustafa Jabbar is a founder member of the Bangladesh Computer Samity (BCS) and its four-time president. He also anchored television shows on IT. Mustafa Jabbar founded Ananda Computers, best known for developing the first Bangla keyboard Bijoy. He heads the Bangladesh Association of Software and Information Services— the trade body of IT entrepreneurs in Bangladesh. Mustafa Jabbar started a venture involving computers and IT in 1987 and launched the Bijoy Bangla Keyboard and Software on 16 December 1988. He has developed Bangla Braille publishing system which enables blind people to use Bangla Braille in a computer. Mustafa Jabbar is also regarded as the Master of Digital Bangla Font designing. He has developed Bijoy Library, a library management Software which is being used by libraries of Bangladesh including British Council. He has developed a software named Bijoy Shishu Shiksha for pre-school kids. He developed Prathomik Computer Shiksha, based on textbooks published by National Curriculum and Textbook Board (NCTB). He established schools in Bangladesh including computer-based Ananda Multimedia School and Bijoy Digital School. He is involved in writing textbooks on computer in Bangla and English. Mustafa Jabbar sat on several government committees on ICT affairs, including the prime minister-formed Digital Bangladesh Taskforce. He is also a member of the Bangladesh Copyright Board. He was appointed as the Minister of Posts, Telecommunications and Information Technology of the Government of Bangladesh on 3 January 2018.
Mr. Subir Kishore Chowdhury, an officer of Bangladesh Civil Service ’84 batch, joined as Secretary of Information and Communication Technology Division on August 13, 2017. He had been working as Secretary in charge prior to his promotion. Before that he had been working as additional Secretary (APD) in the Ministry of Public Administration. He is well known for his skill and performance in the field of Human Resource Planning and Management.
As a member of Bangladesh Civil Service (administration) cadre Mr. Subir Kishore Chowdhury started his career in the civil service as an Assistant Commissioner in the month of January, 1986. He served as Assistant Commissioner (Land), Nejarot Deputy Collector, Upazila Nirbahi Officer, Municipal Chief Executive Officer in the field administration. Then he moved to the secretariat and served as Senior Assistant Secretary, Deputy Secretary, Joint secretary and additional Secretary in the Ministry of Fisheries and Livestock, Food and Disaster Management, and Ministry of Public Administration. He also served as Director of NGO affairs Bureau under the Prime Minister’s Office. He gathered higher experience working as the chief of CPT and APD wing of the Ministry of Public Administration.
Mr. Chowdhury earned his Bachelor Degree with honours in Botany and Master’s Degree in Government and Politics. He completed all essential training course necessary for service including Foundation Training Course, Law and Administration Course, Survey and settlement Course, Land Administration Training Course, BMA training, Advanced Course on Administration and Development, and Managing at the Top Course. Moreover, he participated several short training programme both at home and abroad, particularly in Cambodia, China, Japan, Malaysia, Singapore, and Vietnam. He attended several seminars and workshops on various issues in Belgium, China, Georgia, India, Indonesia, Malaysia, New Zealand, Singapore, Sri Lanka, Thailand, the United States of America, Uganda, and Vietnam. He also travelled to Germany, Nepal, Qatar, Turkey, and, United Arab Emirates.
An ingenious Choudhury has carved the sign of innovativeness at all stages of his service career. Quality education, creation of self-employment for the ultra-poor, establishment of music school and public library to satisfy the aesthetic need of the local people at sub-district level using limited local resources are some of the notable works of his diverse activities.
He took initiatives for the capacity development of public officials through training in foreign reputed training institutes. His successful initiatives resulted in signing of Memorandum of Understanding with the reputed training institutes of India, Thailand, Malaysia, and Vietnam. The current flow of training of public officials in foreign training institutes is the result of his tireless efforts. He also worked at the back end on collaborative activities with some foreign reputed universities to create opportunities for higher education of public officials at a cheaper cost. He successfully negotiated with the High Commission of India for the inclusion of District Magistrates and Divisional Commissioners in the Mid-career Training Programme at Mussorie. He contributed to set the wheels of Public Administration Award in motion for the first time in the country. He pioneered the re-engineering of business process at a limited array in the CPT and APD wing of the Ministry of Public Administration.
Mr. Choudhury was born in a respectable family of Charpara village of Ishwargonj Upazila under Mymensing district in 1962. He is the second son of late Ramendra Kishore Choudhury and Sadhana Choudhury. He is married to Manashi Chakraborty, and is blessed with one son and a daughter.
Zunaid Ahmed Palak was born on 17 May 1980 Singra under Natore dristrict. Mr. Faiz Uddin Ahmed and Ms. Zamila Ahmed are his parents. His father was an active political activist being inspired by the ideology of Bangabandhu Sheikh Mujibur Rahman. Being the then General Secretary of the Singra upazila unit of Bangladesh Awami League, he played an important role as one of the organizers of the great war of independence in the Chalan beel area.
Mr. Palak passed SSC examination from the Singra Damdama Pilot School and College in 1995 securing first division (with star marks and letter marks in five papers) and HSC examination from the Rajshahi Govenment College in 1997 securing first division (with letter marks in two papers). He obtained Bachelor degree, Master degree in Political Science and LLB from the National University of Bangladesh. Then, he started his career as a professional lawyer in the Natore District Judge’s Court and now he is a member of the Bangladesh Supreme Court Bar Council. He successfully completed a Capstone course from the National Defense College (NDC) in Dhaka.
He was very conspicuous in different co-curricular activities, like debate, recitation, impromtouspreech and sports. He obtained several prestigious awards in different seasonal competitions held at the district and divisional levels. During his student life, he performed music on many occasions. He was simultaneously an efficient sports organizer and a talented sportsperson. While studying in class VI, he established “Durdom” (indomitable) club that was turned into a center of sports and socio-cultural activities of the children from his locality. He was greatly inspired by the scouting movement of Robert Baden-Powell during his school life. He participated in the 1st Asia Pacific Jamboree held in Mouchak, Gazipur in 1994 as the team leader. He is one of the advisers of BPL franchisee ‘Duronto Rajshahi’.
After passing HSC exam, he avoided the temptation to study in a famous institution. Instead, he got admitted in a local college with a view to stand by his community in their will and woe and commenced his political career by joining Bangladesh Students’ League, a forum with a very reach tradition in students’ movement and politics. He was elected VP of the Gol-e-Afroze Govt. College Students’ Union at the age of 18 years. Later on, he joined Bangladesh Awami League, a party that led the nation for its independence.
Mr. Palak got nomination from Bangladesh Awami League for the national election held in 2008 and was elected Member of Parliament by a huge margin at the age of 28 years. He was the youngest Member of Parliament (MP) in the ninth parliament. He played an active role as a member of the Parliamentary Standing Committee on ICT Ministry. He was also a member of the Parliamentary Standing Committee on Private Members’ Bill during the ninth parliament. Besides, he was a Co-convener of the All Party Parliamentary Committee on Climate Change.
He became a member of the Executive Committee of central Awarmi League in 2012 at the age of 32 years. In the national election held on 5 January 2014, he contested in a participatory election and elected Member of Parliament for second consecutive term with overwhelming support from the people of his constituency. Afterwards, Honorable Prime Minister Sheikh Hasina included Mr. Palak in her new Cabinet. He was sworn in as a Minister of State on 12 January 2014 at the age of 33 years and 8 months. Now, he is the youngest member in the Cabinet.
Mr. Palak is happily married to Ms. Arifa Jesmin, who did her Master of Science in Psychology and is a lecturer. They are blessed with three sons: Apurbo Zunaid, Aarjan Zunaid and Anirban Zunaid. He participated in the UN General Assembly as a member of state delegation and visited several countries across the globe as part of different official visits, summits, seminar, workshops and training programs. All sorts of modern technologies, especially ICT, law and governance, environment, music and arts are among his fields of interest. He undertook a special campaign of aforestation in his constituency in 2010. As part of the campaign, he distributed more than five hundred thousand saplings among general people. In recognition, he has been given National Environment Award by the Honorable Prime Minister of the People’s Republic of Bangladesh.
Information and Communication Technology Affairs Adviser to the Hon’ble Prime Minister
Sajeeb Wazed Joy, is a Bangladeshi-American ICT Consultant and political campaigner. He is the son of Sheikh Hasina, the Honorable Prime Minister, Government of the People’s Republic of Bangladesh, and the eldest grandson of Sheikh Mujibur Rahman, the first President of Bangladesh. A member of the Awami League, He was a key figure in formulating the party’s vision 2012 manifesto. He is currently serving as the Honorable Prime Minister’s Information and Communication Technology Affairs Adviser.
Sajeeb Wazed Joy graduated with a B.Sc. in Computer Engineering from the University of Texas at Arlington in the United States and attended the Kennedy School of Government at Harvard University, where he earned his Masters in Public Administration degree.
In 2007, Sajeeb Wazed Joy was selected by the World Economic Forum in Davos as one of the “250 Young Global Leaders of the World”. The forum cited his role as Advisor to the President of the Bangladesh Awami League.
On 25 February 2009, Sajeeb Wazed Joy officially joined the Awami League as a primary member of the Rangpur district unit of the party.
Within days of joining the Awami League as a primary member, Sajeeb Wazed Joy, in his capacity as an IT policy analyst, unveiled the concept paper and action plan for the government’s ambitious “Digital Bangladesh” scheme; to develop a strong ICT industry in Bangladesh and initiate e-governance and IT education on a mass scale.