
2 Microsoft Security Bulletins for November 2007
by Orin Thomas, MVP Windows Security, orin@windowsitpro.com

Microsoft released two security updates for November, rating one of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=6DCC2:77AE4A322B7B2F2D9C86AE070F7D4B6B

MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution

The attack vector is a specially crafted Uniform Resource Identifier (URI), which could be handed to Windows by an application or embedded in a document or e-mail attachment. If unpatched, the vulnerability could allow execution of arbitrary code on the target computer.

Applies to: Windows XP and Windows Server 2003. Does not apply to Windows Vista or Windows 2000 SP4.

Recommendation: The vulnerability has been publicly disclosed. You should perform accelerated testing and deployment of this update.

MS07-062: Vulnerability in DNS Could Allow Spoofing

The attack vector is a specially crafted response to a DNS query. If the DNS server accepts a forged response, it caches the bogus answer and serves it to its clients, redirecting Internet traffic away from the legitimate location.

Applies to: Windows 2000 Server and Windows Server 2003. Does not apply to client software such as Windows Vista or Windows XP.

Recommendation: Microsoft rates this update as important. If you deploy an Internet-facing DNS server, you should perform accelerated testing and deployment. If you deploy DNS only on an internal network, you should test and patch as part of your normal patch management cycle.
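What the "specially crafted responses" above have to get past, as an added example that is not part of the newsletter and is not Microsoft's DNS server code: a minimal resolver-side acceptance check over hand-built DNS packets, plus a simulation of an off-path attacker who guesses transaction IDs (TXIDs). The check, the TXID sources and the attacker model are illustrative assumptions about the general spoofing problem, not a description of the specific flaw in MS07-062; the host name and addresses are the documentation examples (example.com, 192.0.2.x, 203.0.113.x) and the packets are constructed inline, so nothing touches the network.

```python
"""Resolver-side acceptance checks for a DNS response, and why a predictable
transaction ID (TXID) lets a forged response through them.

Added example; not from the newsletter or from Microsoft's DNS code. Packets
are built inline (no network); names and addresses are documentation values."""
import secrets
import struct


def encode_name(name):
    """Encode a dotted host name as DNS labels."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii")
                   for label in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(txid, name, qtype=1):
    # flags 0x0100: standard query, recursion desired; one question
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def build_response(txid, name, ip, qtype=1, ttl=300):
    # flags 0x8180: response, recursion available; one question, one answer
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    rdata = bytes(int(o) for o in ip.split("."))
    # answer name is a pointer (0xC00C) back to the question name at offset 12
    answer = b"\xc0\x0c" + struct.pack("!HHIH", qtype, 1, ttl, len(rdata)) + rdata
    return header + question + answer


def question_section(pkt):
    """Return the bytes of the first question (name + type + class)."""
    i = 12
    while pkt[i] != 0:
        i += 1 + pkt[i]
    return pkt[12:i + 5]


def accepts(query, response, query_port, response_dst_port):
    """The checks a resolver applies before caching an answer: the response
    must arrive on the port the query left from, carry the query's TXID, have
    the QR (response) bit set, and echo the question that was asked."""
    if response_dst_port != query_port:
        return False
    qtxid = struct.unpack("!H", query[:2])[0]
    rtxid, rflags = struct.unpack("!HH", response[:4])
    if rtxid != qtxid or not rflags & 0x8000:
        return False
    return question_section(query) == question_section(response)


class SequentialTxids:
    """A weak TXID source: each ID is the previous one plus one."""
    def __init__(self, start=1000):
        self.n = start

    def next(self):
        self.n = (self.n + 1) & 0xFFFF
        return self.n


class RandomTxids:
    """A sound TXID source: 16 bits from the OS CSPRNG per query."""
    def next(self):
        return secrets.randbelow(0x10000)


class FixedTxids:
    """Stand-in for RandomTxids fed a constructed sample of values, so the
    comparison below is deterministic."""
    def __init__(self, values):
        self.values = list(values)

    def next(self):
        return self.values.pop(0)


def forged_answer_accepted(txid_source, port=53, guesses=16):
    """Simulate an off-path attacker who has seen one query (and so one
    TXID) and then floods forged responses for the victim's next query,
    guessing the TXIDs that follow the one observed."""
    observed = txid_source.next()
    query = build_query(txid_source.next(), "example.com")
    for guess in range(observed + 1, observed + 1 + guesses):
        forged = build_response(guess & 0xFFFF, "example.com", "203.0.113.66")
        if accepts(query, forged, port, port):
            return True
    return False
```

Of the checks in accepts(), the only one an off-path attacker cannot satisfy by copying the observed query is the TXID. With the sequential source the first guess lands; with a CSPRNG source, 16 guesses have roughly 16 in 65,536 odds per query (the FixedTxids sample stands in for the random source so the run is repeatable). A resolver that always sends from a fixed source port, as was common in 2007, leaves the TXID as its only secret, which is why its predictability is decisive.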

 

6 Microsoft Security Bulletins for October 2007
by Orin Thomas, MVP Windows Security, orin@windowsitpro.com

Microsoft released six security updates for October, rating four of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=6969B:77AE4A322B7B2F2DE0CA9A2548B50388

MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted image file. The exploit targets Kodak Image Viewer, formerly known as Wang Image Viewer. If unpatched, this vulnerability could be leveraged to allow remote code execution on the affected system.

Applies to: Windows 2000, and versions of Windows XP and Windows Server 2003 that were installed as upgrades from Windows 2000. Computers on which Windows XP or Windows Server 2003 were installed directly are not vulnerable.

Recommendation: This vulnerability was privately reported. You need to perform accelerated testing only if your environment has computers running Windows 2000, or computers running Windows XP or Windows Server 2003 that were upgraded from Windows 2000.

MS07-056: Security Update for Outlook Express and Windows Mail

The attack vector for this exploit is a Network News Transfer Protocol (NNTP) response from a news server. The attacker must lure the victim into connecting to an NNTP server under the attacker's control, which delivers the malformed response. The exploit targets Outlook Express and Windows Mail and could be leveraged to allow remote code execution. Although this exploit has yet to be seen outside a lab environment, attackers could compromise third-party NNTP servers in an attempt to leverage it.

Applies to: All versions of Windows.

Recommendation: Although the security bulletin states that the Microsoft article at the URL below details issues that might be experienced when this update is installed, no such issues are currently listed on this page. Given the large number of OS versions this update applies to, the likelihood of a public exploit for this vulnerability is high. You should test and deploy on an accelerated schedule.
http://list.windowsitpro.com/t?ctl=6969F:77AE4A322B7B2F2DE0CA9A2548B50388

MS07-057: Cumulative Security Update for Internet Explorer

This update addresses three privately reported vulnerabilities and one publicly disclosed vulnerability. The attack vector for these exploits is a specially crafted Web page which, if viewed in Microsoft Internet Explorer, could be leveraged to execute arbitrary code.

Applies to: Internet Explorer 5.01, 6.0, and 7.0.

Recommendation: This update should be first on your list to test and deploy as quickly as you can.

MS07-058: Vulnerability in RPC Could Allow Denial of Service

A vulnerability in the RPC facility could be exploited to cause a denial of service (DoS) against the affected computer, which could slow down, stop responding, or restart.

Applies to: All versions of Windows.

Recommendation: Microsoft rates this update as important rather than critical, and the vulnerability was privately, rather than publicly, disclosed. Because the RPC ports are almost always blocked at the perimeter firewall, the vulnerability can realistically be exploited only by an attacker who already has a foothold on the internal network. Test and deploy this fix as part of your ongoing patch management routine.

MS07-059: Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site

The attack vector for this exploit is script injected into a SharePoint site. If leveraged, the attacker could elevate privilege within the SharePoint site. The update modifies the way that Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007 validate URL-encoded requests.

Applies to: SharePoint Services 3.0 on Windows Server 2003 and Microsoft Office SharePoint Server 2007.

Recommendation: Microsoft rates this update as important. You should test and deploy it as part of your ongoing patch management routine.
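The update changes how URL-encoded requests are validated. The specific SharePoint flaw is not described on this page; the following added example (not SharePoint's or Microsoft's code, and not a claim about how SharePoint is implemented) shows the general failure that this class of fix addresses: a filter that inspects the raw, still-encoded request can be bypassed by encoding the payload, whereas a filter that canonicalizes first cannot. The site path, the query strings and the markup pattern are constructed for illustration.

```python
"""Why a request filter must canonicalize before it inspects: a check that
runs on the raw, still-encoded URL is bypassed by encoding the payload.

Added example, not SharePoint's validation code. The sample requests and the
SCRIPT_MARKUP pattern are constructed for illustration."""
import re
from urllib.parse import unquote

# Illustrative pattern for the kind of markup an injected script needs;
# a production filter would use an HTML-aware parser, not a regex.
SCRIPT_MARKUP = re.compile(r"<\s*script|javascript\s*:|on\w+\s*=", re.IGNORECASE)


def naive_filter(raw_url):
    """Check-before-decode: inspects the URL exactly as received."""
    return not SCRIPT_MARKUP.search(raw_url)


def canonicalize(raw_url, max_rounds=4):
    """Percent-decode until the value stops changing. Inputs that never settle
    within max_rounds are rejected outright: layered encoding is itself a
    signal that someone is trying to smuggle something past a filter."""
    current = raw_url
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            return current
        current = decoded
    raise ValueError("no fixed point after %d decode rounds" % max_rounds)


def hardened_filter(raw_url):
    """Decode-then-check: inspects the canonical form the application acts on."""
    try:
        canonical = canonicalize(raw_url)
    except ValueError:
        return False
    return not SCRIPT_MARKUP.search(canonical)


# Constructed sample requests against a hypothetical site path.
SAMPLES = {
    "plain":   "/sites/team/default.aspx?q=hello",
    "raw":     "/sites/team/default.aspx?q=<script>alert(1)</script>",
    "encoded": "/sites/team/default.aspx?q=%3Cscript%3Ealert(1)%3C/script%3E",
    "double":  "/sites/team/default.aspx?q=%253Cscript%253Ealert(1)%253C/script%253E",
    "handler": "/sites/team/default.aspx?q=%22%20onmouseover%3Dalert(1)",
}


def compare(samples=SAMPLES):
    """Return {name: (naive_allows, hardened_allows)} for each sample."""
    return {name: (naive_filter(url), hardened_filter(url))
            for name, url in samples.items()}


if __name__ == "__main__":
    for name, (naive, hardened) in compare().items():
        print("%-8s naive=%-5s hardened=%s" % (name, naive, hardened))
```

The naive filter passes every encoded variant because the bytes it sees never contain a literal `<script`; the hardened filter sees what the server will see after decoding. The bounded decode loop matters: unbounded decoding is itself a denial-of-service and normalisation hazard, so an input that does not settle is rejected rather than decoded further.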

MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Word file with a malformed string. If leveraged, this exploit would allow the attacker to run remote code on the targeted computer.

Applies to: Office 2000, Office XP, and Office 2004 for Mac. Does not apply to Office 2003 or Office 2007.

Recommendation: Although the vulnerability was privately reported, if your organization uses the affected software, you should test and deploy this patch on an accelerated schedule.

 

4 Microsoft Security Bulletins for September 2007
by Orin Thomas, MVP Windows Security, orin@windowsitpro.com

Microsoft released four security updates for September, rating one of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=65739:77AE4A322B7B2F2D542E30D9507010E1

MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted URL that targets Microsoft Agent on computers running Windows 2000 SP4.

Applies to: Windows 2000 SP4.

Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. Microsoft Agent has already been the subject of one bulletin this year (MS07-020, in April), so it's likely that attackers will be working hard to develop an exploit for this vulnerability.
Prioritize testing of this update and deploy it on an accelerated schedule if your organization is still running Windows 2000 SP4.

MS07-052: Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Crystal Reports (.rpt) file. If the file is opened on a system, the system will be vulnerable to a remote code execution attack. Such an attack can be executed with the full rights and privileges of the currently logged on user.

Applies to: Editions of Visual Studio that include Crystal Reports. These are the Enterprise Architect, Enterprise Developer, and Professional editions of Visual Studio .NET 2002 SP1 and Visual Studio .NET 2003 (including SP1); and the Professional, Team Edition for Software Architects, Team Edition for Software Developers, Team Suite, and Team Edition for Software Testers editions of Visual Studio 2005 (including SP1).

Recommendation: Remind users not to open files from untrusted sources. This vulnerability has been publicly disclosed. If your organization uses the targeted software, you should rigorously test the update and deploy it as a part of your organization's normal patch management cycle.

MS07-053: Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege

The attack vector for this exploit is a specially crafted binary file that can be used to elevate privileges on a computer running the affected software.

Applies to: Windows Services for UNIX 3.0, Windows Services for UNIX 3.5, and Subsystem for UNIX-based Applications.

Recommendation: This vulnerability has been publicly disclosed, but it is a local elevation of privilege and cannot be exploited remotely. If your organization uses the software that the exploit targets, you should remind users not to run files from untrusted sources, rigorously test the update, and deploy it as a part of your organization's normal patch management cycle.

MS07-054: Vulnerability in MSN Messenger and Windows Live Messenger could allow Remote Code Execution

The attack vector for this exploit is an incoming video chat request made to an MSN Messenger or Windows Live Messenger client. If unpatched, a successful exploit of this vulnerability could allow an attacker to gain control of a target system with the full rights and privileges of the currently logged on user.

Applies to: All versions of MSN Messenger (except MSN Messenger 7.0.0820 on Windows 2000 SP4) and all versions of Windows Live Messenger (except Windows Live Messenger 8.1).

Recommendation: This exploit has been publicly disclosed, and it's likely that with the release of this bulletin, nefarious third parties will be working hard to develop an exploit. If clients in your organization use MSN Messenger or Windows Live Messenger, prioritize testing of this update and deploy on an accelerated schedule.

 

9 Microsoft Security Bulletins for August 2007
by Orin Thomas, orin@windowsitpro.com

Microsoft released nine security updates for August, rating six of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=623EB:77AE4A322B7B2F2DC55E7198AB2F5E79

MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Web page viewed in Internet Explorer (IE). The exploit targets Microsoft XML Core Services and, if unpatched, could allow the execution of malicious code.

Applies to: All versions of Windows

Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. You should promptly perform testing and deployment of this update.

MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Web page viewed in Internet Explorer (IE). The exploit targets OLE functionality. If unpatched, the exploit could be leveraged to allow the execution of malicious code.

Applies to: All versions of Windows except Vista, Office 2004 for Mac, Microsoft Visual Basic 6.0 SP6

Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. You should promptly perform testing and deployment of this update.

MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Excel document. If unpatched, the exploit could be leveraged to allow the execution of malicious code.

Applies to: Office 2000, Office XP, Office 2003, and Office 2004 for Mac

Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. You should promptly perform testing and deployment of this update.

MS07-045: Cumulative Security Update for Internet Explorer

This update addresses three privately reported vulnerabilities. The vectors for these exploits are all specially crafted Web pages.

Applies to: All versions of Internet Explorer (IE)

Recommendation: The rating of this update is dependent on the host platform. For Windows 2000 and Windows XP, the update is rated critical; for Windows Vista, the update is rated important. Deploy this update to older versions of Windows prior to deploying it to Vista clients.

MS07-046: Vulnerability in GDI Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted image. If unpatched, opening the image could allow remote code execution on the target system.

Applies to: Windows 2000, Windows XP, and Windows Server 2003 (SP2 unaffected)

Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. You should promptly perform testing and deployment of this update.

MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted media file. This vulnerability could allow remote code execution.

Applies to: Windows Media Player on all versions of Windows

Recommendation: Microsoft rates this bulletin as important, and the vulnerability has not been publicly disclosed. You should test and deploy this patch as part of your normal patch management cycle.

MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution

The vector for this attack is the Feed Headlines Gadget and can be exploited if a user subscribes to a malicious RSS feed. This exploit could allow the attacker to run remote code with the privileges of the logged-on user.

Applies to: Windows Vista

Recommendation: Microsoft rates this bulletin as important, and the vulnerability has not been publicly disclosed. You should test and deploy this update as part of your normal patch management cycle.

MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege

This is an elevation of privilege vulnerability that could allow a guest OS user to run code on the host OS. This exploit can be leveraged only by users of the guest OS who have been granted administrative privileges.

Applies to: Virtual PC 2004, Virtual Server 2005/2005R2, and Virtual PC for Mac 6 and 7

Recommendation: This update is specific to customers running Virtual PC and Virtual Server. Microsoft rates it as important, so if you are using these products in your environment, you should test and patch as part of your usual patch management routine.

MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution

The attack vector for this exploit is a specially crafted Web page. If unpatched, users navigating to the page could inadvertently trigger remote code execution, compromising the target computer.

Applies to: Internet Explorer (IE) on all versions of Windows

Recommendation: Consult the associated Microsoft article (938127) because customers have experienced documented issues when applying this update. The vulnerability has been privately reported, so you should perform testing and deploy this update at your earliest convenience.
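The recommendation above identifies the update by its Knowledge Base article number (938127). That same number is how the installed hotfix appears in a host's inventory, which makes it the key for verifying that a deployment actually landed. As an added example (not from the newsletter or from Microsoft), the following audits hotfix inventories that were exported off the hosts, such as the output of `wmic qfe get HotFixID` or the Hotfix(s) section of `systeminfo`, against a list of required bulletins. KB938127 is the only number this page cites; the two others in the mapping are taken from the MS07-061 and MS07-062 bulletins and should be checked against them before use. The host inventories are constructed samples.

```python
"""Audit which required security updates are missing from each host, using
hotfix inventories exported off the hosts.

Added example; not from the newsletter. The inventories below are constructed
samples in the formats produced by `wmic qfe get HotFixID` and by the
Hotfix(s) section of `systeminfo`."""
import re

KB_RE = re.compile(r"\bKB(\d{6,7})\b", re.IGNORECASE)


def installed_kbs(inventory_text):
    """Extract the set of KB numbers from any text dump that lists them."""
    return {"KB" + m.group(1) for m in KB_RE.finditer(inventory_text)}


def audit(required, inventories):
    """required: {bulletin: (kb, accelerated)}; inventories: {host: text}.
    Returns, per host, the bulletins whose KB is absent and the subset of
    those the recommendations say to deploy on an accelerated schedule."""
    report = {}
    for host, text in inventories.items():
        have = installed_kbs(text)
        missing = sorted(b for b, (kb, _) in required.items() if kb not in have)
        urgent = [b for b in missing if required[b][1]]
        report[host] = {"missing": missing, "accelerated_missing": urgent}
    return report


# Bulletin -> (KB article, accelerated deployment per the recommendations).
# KB938127 is cited on this page for MS07-050; the other two KB numbers are
# taken from the MS07-061 and MS07-062 bulletins and should be verified there.
# MS07-062 is flagged accelerated on the assumption that the host is an
# Internet-facing DNS server.
REQUIRED = {
    "MS07-050": ("KB938127", False),
    "MS07-061": ("KB943460", True),
    "MS07-062": ("KB941672", True),
}

# Constructed sample inventories, one per format.
INVENTORIES = {
    "ws01":  "HotFixID\nKB938127\nKB943460\nKB941672\n",
    "srv02": "Hotfix(s): 2 Hotfix(s) Installed.\n"
             "    [01]: KB938127\n    [02]: KB943460\n",
    "srv03": "HotFixID\n",
}


if __name__ == "__main__":
    for host, result in audit(REQUIRED, INVENTORIES).items():
        print(host, "missing:", ", ".join(result["missing"]) or "none",
              "| accelerated:", ", ".join(result["accelerated_missing"]) or "none")
```

Because the match is on the KB number rather than on the bulletin ID, the same audit works against whichever export format the host produces, and a bulletin that ships several KBs for different products can be listed once per KB.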

 

6 Microsoft Security Bulletins for July 2007
by Orin Thomas, orin@windowsitpro.com

Microsoft released six security updates for July, rating three of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=5D88E:77AE4A322B7B2F2DE648A7464B6DAA0B

MS07-036: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
This update addresses a publicly disclosed remote code execution vulnerability. It also addresses two privately disclosed vulnerabilities. To exploit these vulnerabilities, an attacker needs to convince the target of the attack to open a specially crafted Microsoft Excel file.
Applies to: All versions of Excel
Recommendation: Microsoft rates this update as critical, and one of the vulnerabilities it addresses has been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-037: Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution
This update addresses a privately reported vulnerability. To exploit it, an attacker needs to convince the target of the attack to open a specially crafted Microsoft Office Publisher file. This vulnerability could allow remote code execution.
Applies to: Publisher 2007
Recommendation: Microsoft rates this bulletin as important, and the vulnerability it addresses has yet to be publicly disclosed. Unless your organization regularly works with Publisher files from untrusted sources, you should test and deploy this update as part of your normal patch management routine. If your organization regularly works with Publisher files from untrusted sources, accelerated testing and deployment is advised.

MS07-038: Vulnerability in Windows Vista Firewall Could Allow Information Disclosure
This privately reported vulnerability could be exploited by an attacker to gather information about the targeted host. This vulnerability cannot be directly used to gain control of a targeted system.
Applies to: Windows Vista
Recommendation: Microsoft rates this bulletin as moderate. You should test and deploy the update as part of your normal patch management routine.

MS07-039: Vulnerability in Windows Active Directory Could Allow Remote Code Execution
This update addresses a privately reported vulnerability in Active Directory (AD). Microsoft rates the vulnerability as critical on Windows 2000 Server and important on Windows Server 2003; on Windows Server 2003 it can be exploited only by an attacker who already has valid AD credentials.
Applies to: Windows 2000 Server and Windows Server 2003
Recommendation: Although Microsoft rates this update as critical on Windows 2000, the vulnerability has not been publicly disclosed. Given the important nature of AD, you should promptly perform extensive testing before deployment of this update on vulnerable systems.

MS07-040: Vulnerability in .NET Framework Could Allow Remote Code Execution
This update addresses three privately reported vulnerabilities, two of which could allow remote code execution; Web servers that run ASP.NET are among the systems exposed. You should consult the related Microsoft article at http://list.windowsitpro.com/t?ctl=5D892:77AE4A322B7B2F2DE648A7464B6DAA0B before deploying this update because it's possible that there will be side effects.
Applies to: All versions of Windows
Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. Given the variety of platforms the vulnerability applies to, it's likely that hackers will rapidly attempt to develop an exploit that leverages this vulnerability. You should promptly perform testing and deployment of this update on vulnerable systems.

MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution
This vulnerability could allow remote code execution if an attacker sent a specially crafted URL to a Windows XP computer that's hosting a Web site with the IIS version included in XP. A successful attack could give the attacker complete control of the XP computer.
Applies to: Windows XP Professional (IIS 5.1)
Recommendation: Microsoft rates this bulletin as important, and the vulnerability it addresses has yet to be publicly disclosed. Unless you're using XP to host Internet-facing Web sites, you should test and deploy the update as part of your normal patch management routine. If you're using IIS on XP to host Internet-facing Web sites, you should test and apply this update as soon as possible.

 

6 Microsoft Security Bulletins for June 2007
by Orin Thomas, orin@windowsitpro.com

Microsoft released six security updates for June, rating four of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=59F76:77AE4A322B7B2F2D2EF3CDCF8F2224B6

MS07-030: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution
This bulletin addresses several privately reported and responsibly disclosed vulnerabilities in Microsoft Visio. These vulnerabilities could lead to remote code execution if a specially crafted Visio file is opened on an unpatched computer.
Applies to: Visio 2002 and Visio 2003.
Recommendation: Microsoft rates this bulletin as important. If your organization uses Visio, you should test and deploy the patch as part of your normal patch management cycle.

MS07-031: Vulnerability in the Windows Secure Channel Security Package Could Allow Remote Code Execution
This vulnerability relates to the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) implementations on several Windows OS versions. Exploitation of this vulnerability could allow remote code execution through a specially crafted Web page. This bulletin does not replace any previous security bulletins.
Applies to: Windows 2000, Windows XP, and Windows Server 2003.
Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. Microsoft also reports that when it has tested this vulnerability, the Web browser is more likely to exit than to allow remote code execution. You should promptly perform testing and deployment of this update on vulnerable systems.

MS07-032: Vulnerability in Windows Vista Could Allow Information Disclosure
This bulletin relates to a privately disclosed vulnerability that could allow a locally logged-on user to access local user information stores on a Windows Vista computer. This includes local administrator passwords contained within the registry and local file system.
Applies to: Windows Vista.
Recommendation: Microsoft rates this bulletin as moderate. You should test and deploy the patch as part of your normal patch management routine.

MS07-033: Cumulative Security Update for Internet Explorer
This bulletin addresses both privately and publicly reported vulnerabilities in multiple versions of Microsoft Internet Explorer (IE). The vulnerabilities involve remote code execution and could be exploited through a specially crafted Web page. This bulletin does not replace any previously released bulletins.
Applies to: Windows 2000, Windows XP, Windows Server 2003, and Windows Vista.
Recommendation: Microsoft rates this update as critical, and details of some of these vulnerabilities have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-034: Cumulative Security Update for Outlook Express and Windows Mail
This bulletin deals with several publicly and privately disclosed vulnerabilities in Microsoft Outlook Express and Windows Mail. These vulnerabilities could be exploited through a specially crafted e-mail message and could allow remote code execution.
Applies to: Windows XP, Windows Server 2003, and Windows Vista.
Recommendation: Microsoft rates this update as critical, and details of some of these vulnerabilities have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-035: Vulnerability in Win32 API Could Allow Remote Code Execution
This bulletin addresses a privately reported vulnerability in a Win32 API which could allow remote code execution and privilege escalation. This vulnerability can be exploited through specially crafted Web pages.
Applies to: Windows 2000, Windows XP, and Windows Server 2003.
Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. You should promptly perform testing and deployment of this update on vulnerable systems.

================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below).
http://list.windowsitpro.com/t?ctl=59F79:77AE4A322B7B2F2D2EF3CDCF8F2224B6
http://list.windowsitpro.com/t?ctl=59F7B:77AE4A322B7B2F2D2EF3CDCF8F2224B6


Copyright 2007, Penton Media, Inc. All rights reserved.

 

7 Microsoft Security Bulletins for May 2007
by Orin Thomas, orin@windowsitpro.com

Microsoft released seven security updates for May, rating all seven as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=55861:77AE4A322B7B2F2D70AFB98FD42A5991

MS07-023: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
This update addresses several vulnerabilities in all versions of Excel that could be used to compromise a computer through the execution of remote code. This bulletin replaces MS07-002.
Applies to: All versions of Excel and Office 2004 for Macintosh.
Recommendation: Although Microsoft rates this update as critical, because the vulnerabilities haven't been publicly disclosed, you can test and deploy this update as a part of your patch management routine.

MS07-024: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
This update addresses several newly discovered and publicly disclosed vulnerabilities in most versions of Word. This bulletin replaces MS07-014.
Applies to: All versions of Word (except Word 2007) and Microsoft Works Suites.
Recommendation: Given that several of the vulnerabilities the update addresses have been made public, you should perform accelerated testing and deployment of this update.

MS07-025: Vulnerability in Microsoft Office Could Allow Remote Code Execution
This update addresses several privately disclosed vulnerabilities in most versions of Office. This bulletin replaces bulletin MS07-015.
Applies to: Office 2000, Office XP, Office 2003, Office 2007, Office 2004 for Mac, SharePoint Designer 2007, and Microsoft Expression Web.
Recommendation: Although Microsoft rates the vulnerability as critical, the vulnerability hasn't been publicly disclosed, so you can test and deploy this update as a part of your normal patch management routine.

MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution
This update addresses several newly discovered, privately reported vulnerabilities in Exchange 2000 Server, Exchange Server 2003, and Exchange Server 2007. This bulletin replaces MS06-019 and MS06-029.
Applies to: Exchange 2000/2003/2007.
Recommendation: Although at the time the bulletin was published the vulnerabilities it addressed hadn't been publicly disclosed, Exchange forms such a critical part of many organizations' network infrastructure that you should perform thorough testing and deploy as expeditiously as possible.

MS07-027: Cumulative Security Update for Internet Explorer
This update addresses several vulnerabilities across all versions of Internet Explorer (IE). This bulletin replaces MS07-016.
Applies to: All versions of IE including IE 7.0 in Windows Vista.
Recommendation: Because the update addresses several publicly disclosed remote code exploit vulnerabilities, you should perform accelerated testing and deployment of this update.

MS07-028: Vulnerability in CAPICOM Could Allow Remote Code Execution
This update addresses vulnerabilities in CAPICOM and BizTalk Server 2004. Other versions of BizTalk, such as BizTalk 2000/2002/2006, don't have these vulnerabilities.
Applies to: CAPICOM and BizTalk Server 2004.
Recommendation: The vulnerability has been privately, rather than publicly, disclosed. If your organization uses these products, you should test thoroughly and apply.

MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution
This update addresses a publicly disclosed vulnerability in the DNS server service, which runs only on server OSs. An attacker who takes advantage of this vulnerability could take control of the server.
Applies to: Windows 2000 Server and Windows Server 2003.
Recommendation: This update addresses a publicly disclosed critical vulnerability in a core infrastructure service. Test and deploy as soon as possible.

 

6 Microsoft Security Bulletins for April 2007

Microsoft released six security updates for April, rating five of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=518F4:77AE4A322B7B2F2D2F1F37A7448FDC6E

MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution
This update addresses several vulnerabilities, some of which have been made public. Some of the vulnerabilities could be used to take control of an affected computer. This bulletin was released on April 3 rather than as part of the normal Microsoft update release cycle. This bulletin replaces bulletins MS06-001, MS06-054, and MS05-002.
Applies to: Windows 2000, Windows XP, Windows Server 2003, and Windows Vista.
Recommendation: The fact that Microsoft released this update early indicates the severity of the problem it addresses. If you haven't deployed this update already, you should accelerate testing and deployment of this update on vulnerable systems.

MS07-018: Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution
This update addresses a remote code execution vulnerability and a cross-site scripting and spoofing vulnerability. An attacker who is able to exploit this vulnerability might be able to install programs or modify data on the affected computer.
Applies to: Microsoft Content Management Server 2001 SP1 and Content Management Server 2002 SP2
Recommendation: Although Microsoft rates this update as critical, the vulnerabilities it addresses haven't been publicly disclosed. If your organization uses the affected versions of Content Management Server, you should test these updates and deploy them promptly.

MS07-019: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution
This update addresses a vulnerability in Windows XP's Universal Plug and Play service. An attacker on the same subnet could send a specially crafted HTTP request that could be used to take control of an affected system.
Applies to: Windows XP
Recommendation: Although Microsoft rates this update as critical, the vulnerability that it addresses has not been publicly disclosed. It also applies only if the attacker is on the same subnet as the target computer. You should promptly test and deploy this update on vulnerable systems.

MS07-020: Vulnerability in Microsoft Agent Could Allow Remote Code Execution
This update addresses a remote code execution vulnerability in Microsoft Agent. The attack is of an indirect nature because it requires a user to visit an attacker's Web site.
Applies to: Windows 2000, Windows XP, and Windows Server 2003
Recommendation: Although Microsoft rates this update as critical, the vulnerability hasn't been publicly disclosed. You should promptly test and deploy this update on vulnerable systems.

MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution
This update addresses vulnerabilities in the Windows Client/Server Run-time Subsystem (CSRSS). An attacker could create an application that exploits these vulnerabilities to gain remote control of an affected system.
Applies to: Windows 2000, Windows XP, Windows Server 2003, and Windows Vista
Recommendation: Microsoft rates this update as critical because the details of this vulnerability have been publicly reported. You should accelerate testing and deployment of this update on vulnerable systems.

MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege
This privilege elevation vulnerability in the Windows Kernel could be exploited to take control of an affected system. Exploiting this vulnerability requires that the attacker have direct access to the computer. This bulletin replaces MS06-049.
Applies to: Windows 2000, Windows XP, and Windows Server 2003. The 64-bit editions of these OSs aren't vulnerable.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as part of your normal patch management cycle.


12 Microsoft Security Bulletins for February 2007

Microsoft released 12 security updates for February, rating 6 of them as critical. Here's a brief description of each update; for more information, go to
http://list.windowsitpro.com/t?ctl=4A3FA:77AE4A322B7B2F2D1E5A1AAC1F7A5DB4

MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution.
This is a remote code execution vulnerability that could allow an attacker to compromise a computer. This bulletin replaces MS05-031.
Applies to: Step-by-Step Interactive Training installed on Windows 2000, XP, and Server 2003.
Recommendation: Microsoft rates this bulletin as important. If you use Step-by-Step Interactive Training, which is usually included in Microsoft Press titles, you should test and deploy this update as a part of your normal patch management cycle.

MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege.
This is an elevation-of-privilege vulnerability which could be used by someone with standard user privileges to gain administrator privileges. To exploit this vulnerability, the attacker must have direct access to the computer. This bulletin replaces MS06-045.
Applies to: Windows XP and Server 2003.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as a part of your normal patch management cycle.

MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege.
This is an elevation-of-privilege vulnerability which could be used by someone with standard user privileges to gain administrator privileges. To exploit this vulnerability, the attacker must have direct access to the computer.
Applies to: Windows 2000, XP, Server 2003, and Vista.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as a part of your normal patch management cycle.

MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution.
This remote-code-execution vulnerability could be exploited to take control of a computer. The severity of the threat is related to the rights of the currently logged on user. This bulletin replaces MS06-046.
Applies to: Windows 2000, XP, and Server 2003.
Recommendation: Microsoft rates this update as critical because the details of this vulnerability have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution.
This remote-code-execution vulnerability could be used to take control of a computer. The severity of the threat is related to the rights of the currently logged on user. This bulletin replaces bulletin MS06-014.
Applies to: Microsoft Data Access Components (MDAC) on Windows 2000, XP, and Server 2003. x64 editions of XP and Server 2003 aren't vulnerable to this threat.
Recommendation: Microsoft rates this update as critical because the details of this vulnerability have been publicly reported. Microsoft recommends that all customers who use MDAC upgrade to version 2.8 Service Pack 1 (SP1). You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution.
This is a remote-code-execution vulnerability that could be exploited to take control of an affected computer.
Applies to: Windows Live OneCare, Antigen for Exchange 9.x, Antigen for SMTP Gateway 9.x, Windows Defender, Microsoft Forefront Security for Exchange Server, and Microsoft Forefront Security for SharePoint.
Recommendation: Microsoft rates this update as critical because the details of this vulnerability have been publicly reported. Because this vulnerability is related to spyware and malware protection, you should perform accelerated testing and deployment of this update as soon as possible.

MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution.
This remote-code-execution vulnerability could be used to take control of a computer. The severity of the threat is related to the rights of the currently logged on user.
Applies to: Windows 2000, XP, and Server 2003.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as a part of your normal patch management cycle.

MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution.
This remote-code-execution vulnerability could be used to take control of a computer. The severity of the threat is related to the rights of the currently logged on user.
Applies to: Windows 2000, XP, and Server 2003; Visual Studio .NET 2002 and 2003.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as a part of your normal patch management cycle.

MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution.
This remote code execution vulnerability could be used to take control of a computer. The severity of the threat is related to the rights of the currently logged on user.
Applies to: Windows 2000, XP, and Server 2003; Office 2000, XP, 2003, and 2004 for Mac; Project 2000 and 2003; Visio 2002; Learning Essentials 1.0, 1.1, and 1.5.
Recommendation: Microsoft rates this bulletin as important. You should test and deploy this update as a part of your normal patch management cycle.

MS07-014: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution.
This update fixes a remote-code-execution vulnerability through which an attacker could gain control of a computer. This update replaces MS06-060.
Applies to: Office 2000, XP, 2003, and 2004 for Mac; Works 2004, 2005, and 2006.
Recommendation: Microsoft rates this vulnerability as critical because the details of this vulnerability have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-015: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution.
This update fixes a remote-code-execution vulnerability through which an attacker could gain control of a computer.
Applies to: Office 2000, XP, 2003, and 2004 for Mac; Project 2000 and 2002; Visio 2002.
Recommendation: Microsoft rates this vulnerability as critical because the details of this vulnerability have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.

MS07-016: Cumulative Security Update for Internet Explorer.
This cumulative security update addresses remote-code-execution vulnerabilities in Internet Explorer. This update replaces the previous cumulative update, MS06-072.
Applies to: Internet Explorer (IE) 5.0, 6.0, and 7.0 on Windows 2000, XP, and Server 2003.
Recommendation: Microsoft rates this update as critical because the details of these vulnerabilities have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.