Alert - Critical Product Vulnerability - February 2007 Microsoft Security Bulletin Release

Microsoft released the security bulletins listed below for newly discovered vulnerabilities. Note that Windows Vista is not affected by these vulnerabilities. Only MS07-016 has an impact on IE7, although the impact is much more critical with relation to IE6.

The Summaries, indicating which products are effected by the various bulletins is available at Technet, MS07-Feb.


Critical

• MS07-008 HTML Help ActiveX Control (Remote Code Execution)
• MS07-009 Microsoft Data Access Components (Remote Code Execution)
• MS07-010 Microsoft Malware Protection Engine (Remote Code Execution)
• MS07-014 Microsoft Word (Remote Code Execution)
• MS07-015 Microsoft Office (Remote Code Execution)
• MS07-016 Internet Explorer (Remote Code Execution)

Important:

• MS07-005 Step-by-Step Interactive Training (Remote Code Execution)
• MS07-006 Windows Shell (Elevation of Privilege)
• MS07-007 Windows Image Acquisition Service (Elevation of Privilege)
• MS07-011 Microsoft OLE Dialog Could (Remote Code Execution)
• MS07-012 Microsoft MFC (Remote Code Execution)
• MS07-013 Microsoft RichEdit (Remote Code Execution)