Please note this important information provided in the MSRC Blog, referenced below. I have taken liberties with the format to call important information to your attention:
"We noted in our original advisory that attacks against this vulnerability affect all supported versions of Windows and Windows Server, including Windows Vista, and have been web-based and e-mail based.
We call these out in the Mitigating Factors section of the security bulletin MS07-017."
- If you are using Windows Vista, the Internet Explorer 7 protected mode provides additional protections against web-based attacks.
- If you’re using Outlook 2007, you’re protected against e-mail based attacks.
- Running as a standard user further protects you by limiting the attacker’s code with the same limitation on the logged-on user.
Of further interest is that there is currently a regular update scheduled for next Tuesday, April 10, 2007. The details of that update will be released on schedule on Thursday, April 5, 2007.
Important Note: There is an issue on a computer that is running Microsoft Windows XP with Service Pack 2, in that the Realtek HD Audio Control Panel may not start. The following error message may also be received:
Rthdcpl.exe - Illegal System DLL Relocation
The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
See Microsoft Knowledge Base Article KB 935448 for further information regarding a hotfix for this issue.