Tuesday, December 11, 2007

Microsoft Security Bulletin Release - December 2007

Microsoft released the Security Bulletin for December, 2007. In addition to an updated version of of the Microsoft Windows Malicious Software Removal Tool, Microsoft released three non-security, high-priority updates and 2007 Microsoft Office Service Pack 1 three non-security, high-priority updates for Windows and Windows SharePoint Services 3.0 Service Pack 1. The Microsoft Office Service pack includes all updates through December 2007.

The seven security updates (3 critical, 4, important) are listed below. Most of the updates require a restart. Refer to the Microsoft Security Bulleting Summary for December for complete information on affected software.

Critical
Executive Summary: This critical security update resolves two privately reported vulnerabilities in Microsoft DirectX. These vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, DirectX, DirectShow.
Restart Requirement: The update will not require a restart, except in certain situations.
Bulletins Replaced by This Update: MS05-050
Executive Summary: This critical security update resolves a privately reported vulnerability in Windows Media Format. This vulnerability could allow remote code execution if a user viewed a specially crafted file in Windows Media Format Runtime. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, Windows Media Format Runtime.
Restart Requirement: The update will not require a restart, except in certain situations.
Bulletins Replaced by This Update: MS06-078
Executive Summary: This critical security update resolves four privately reported vulnerabilities. The most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, Internet Explorer.
Restart Requirement: The update will require a restart.
Bulletins Replaced by This Update: MS07-057
Important
This important security update resolves a privately reported vulnerability in Server Message Block Version 2 (SMBv2). The vulnerability could allow an attacker to tamper with data transferred via SMBv2, which could allow remote code execution in domain configurations communicating with SMBv2.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows.
Restart Requirement: The update will require a restart.
Executive Summary: This important security update resolves a privately reported vulnerability in Message Queuing Service (MSMQ) that could allow remote code execution in implementations on Microsoft Windows 2000 Server, or elevation of privilege in implementations on Microsoft Windows 2000 Professional and Windows XP. An attacker must have valid logon credentials to exploit this vulnerability. An attacker could then install programs; view, change, or delete data; or create new accounts.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows.
Restart Requirement: The update will require a restart.
Bulletins Replaced by This Update: MS05-017
Executive Summary: This important security update resolves a privately reported vulnerability in the Windows kernel. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Impact of Vulnerability: Elevation of Privilege
Affected Software: Windows.
Restart Requirement: The update will require a restart.
Executive Summary: This important security update resolves one publicly disclosed vulnerability. A local elevation of privilege vulnerability exists in the way that the Macrovision driver incorrectly handles configuration parameters. An attacker who successfully exploited this vulnerability could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Impact of Vulnerability: Local Elevation of Privilege
Affected Software: Windows.
Restart Requirement: The update will require a restart.

References:

TechNet: Microsoft Security Bulletin for December 2007
MSRC Blog: December 2007 Monthly Release



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments:

Post a Comment

Neither spam nor comments containing vulgarities will be approved.