Tuesday, April 03, 2007

MS07-017 For Animated Cursor Handling Released

MS07-017 is a Critical Update and everyone is strongly urged to obtain this update as soon as possible. This update is for all supported Microsoft operating systems, including Windows Vista. If you do not have automatic updates turned on, please visit the Microsoft Update site now. The update is small, only 455 KB - 1.7 MB and requires a restart, but well worth it to protect your computer from infection!

Please note this important information provided in the MSRC Blog, referenced below. I have taken liberties with the format to call important information to your attention:
"We noted in our original advisory that attacks against this vulnerability affect all supported versions of Windows and Windows Server, including Windows Vista, and have been web-based and e-mail based.
  • If you are using Windows Vista, the Internet Explorer 7 protected mode provides additional protections against web-based attacks.

  • If you’re using Outlook 2007, you’re protected against e-mail based attacks.

  • Running as a standard user further protects you by limiting the attacker’s code with the same limitation on the logged-on user.
We call these out in the Mitigating Factors section of the security bulletin MS07-017."

Of further interest is that there is currently a regular update scheduled for next Tuesday, April 10, 2007. The details of that update will be released on schedule on Thursday, April 5, 2007.

Important Note: There is an issue on a computer that is running Microsoft Windows XP with Service Pack 2, in that the Realtek HD Audio Control Panel may not start. The following error message may also be received:

Rthdcpl.exe - Illegal System DLL Relocation

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

See Microsoft Knowledge Base Article KB 935448 for further information regarding a hotfix for this issue.


No comments: