- MS07-042
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
- MS07-043
Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
- MS07-044
Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
- MS07-045
Cumulative Security Update for Internet Explorer (937143)
- MS07-046
Vulnerability in GDI Could Allow Remote Code Execution (938829)
- MS07-047
Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)
- MS07-048
Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
- MS07-049
Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
- MS07-050
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
Additionally Microsoft is re-releasing one bulletin:
- MS07-038
Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807) – This is a detection-only change, to address the situation where a missing Firewall Logging Directory would cause the update installation to fail. There’s no change to the update binaries, so if you have already successfully installed this update, you do not need to reinstall it.
Please refer to the bulletin revision notes for more detail.
Also today Microsoft released Microsoft Security Advisory (932596). This is to let customers who run x64-based Windows operating systems know about an update to Kernel Patch Protection that is available. The update adds additional checks to Kernel Patch Protection for increased reliability, performance and security. Please see the security advisory and associated KB for more information.
References:- Microsoft Security Advisory 932596 – Update to Improve Kernel Patch Protection: http://www.microsoft.com/technet/security/advisory/932596.mspx
- Kernel Patch Protection FAQ web site: http://www.microsoft.com/whdc/driver/kernel/64bitpatch_FAQ.mspx
- KB Article 932596 – Update to Improve Kernel Patch Protection: http://support.microsoft.com/kb/932596
- MSRC Blog: http://blogs.technet.com/msrc/
No comments:
Post a Comment