August 2007 Microsoft Security Bulletin Release

The August release contains 9 new bulletins, 6 of which have maximum severities of "Critical".

• MS07-042
  Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)

• MS07-043
  Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)

• MS07-044
  Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)

• MS07-045
  Cumulative Security Update for Internet Explorer (937143)

• MS07-046
  Vulnerability in GDI Could Allow Remote Code Execution (938829)

• MS07-047
  Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)

• MS07-048
  Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)

• MS07-049
  Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)

• MS07-050
  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)

Additionally Microsoft is re-releasing one bulletin:

• MS07-038
  Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807) – This is a detection-only change, to address the situation where a missing Firewall Logging Directory would cause the update installation to fail. There’s no change to the update binaries, so if you have already successfully installed this update, you do not need to reinstall it.

Please refer to the bulletin revision notes for more detail.

Also today Microsoft released Microsoft Security Advisory (932596). This is to let customers who run x64-based Windows operating systems know about an update to Kernel Patch Protection that is available. The update adds additional checks to Kernel Patch Protection for increased reliability, performance and security. Please see the security advisory and associated KB for more information.

References:

• Microsoft Security Advisory 932596 – Update to Improve Kernel Patch Protection: http://www.microsoft.com/technet/security/advisory/932596.mspx
  

• Kernel Patch Protection FAQ web site: http://www.microsoft.com/whdc/driver/kernel/64bitpatch_FAQ.mspx

• KB Article 932596 – Update to Improve Kernel Patch Protection: http://support.microsoft.com/kb/932596

• MSRC Blog: http://blogs.technet.com/msrc/

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...