Tuesday, August 14, 2007

August 2007 Microsoft Security Bulletin Release

The August release contains 9 new bulletins, 6 of which have maximum severities of "Critical".
  • MS07-042
    Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
  • MS07-043
    Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
  • MS07-044
    Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
  • MS07-045
    Cumulative Security Update for Internet Explorer (937143)
  • MS07-046
    Vulnerability in GDI Could Allow Remote Code Execution (938829)
  • MS07-047
    Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)
  • MS07-048
    Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
  • MS07-049
    Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
  • MS07-050
    Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)

Additionally Microsoft is re-releasing one bulletin:

  • MS07-038
    Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807) – This is a detection-only change, to address the situation where a missing Firewall Logging Directory would cause the update installation to fail. There’s no change to the update binaries, so if you have already successfully installed this update, you do not need to reinstall it.

Please refer to the bulletin revision notes for more detail.

Also today Microsoft released Microsoft Security Advisory (932596). This is to let customers who run x64-based Windows operating systems know about an update to Kernel Patch Protection that is available. The update adds additional checks to Kernel Patch Protection for increased reliability, performance and security. Please see the security advisory and associated KB for more information.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: