Patch Tuesday Alerts February 2007
Microsoft released twelve new security patches today - six "critical" and six "important". Among the affected software this time around are Windows, Office, Microsoft Antivirus, Visual Studio and Internet Explorer. At least five exploits targeting Word - some dating back to early December were addressed in today's Microsoft Security Updates. Successful exploitation of the vulnerabilities could lead to remote code execution if a user opens a specially crafted Word file.
Novell recommends organizations prioritize the Microsoft critical security bulletin - MS07-009 affecting Microsoft Data Access Components. These components enable access to databases which could hold mission critical or customer data. An attacker successfully exploiting this vulnerability could take complete control of an affected system to install programs to view, change, or delete data; or create new accounts with full user rights. Organizations should carefully scrutinize the security bulletin to ascertain their organization's level of risk, particularly to any mission critical or customer data.
Other serious bulletins to pay careful attention to are the MS07-010 vulnerability in Microsoft Malware Protection Engine and the vulnerability in HTML Help ActiveX Control, MS07-008. As always, Novell recommends testing and deploying the Patch Tuesday fixes immediately.
Download the Patch Tuesday Prep Guide +
Download NIST Patching Management Recommendation +
Microsoft Security Release Details: Critical
MS07-008 - Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843) +
A remote code execution vulnerability exists in the HTML Help ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. We recommend that customers apply the update immediately.MS07-009 - Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779) +
A remote code execution vulnerability exists in the ADODB.Connection ActiveX control that is provided as part of the ActiveX Data Objects (ADO) and that is distributed in MDAC. An attacker who successfully exploited this vulnerability could take complete control of an affected system. We recommend that customers apply the update immediately.MS07-010 - Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135) +
A remote code execution vulnerability exists in the Microsoft Malware Protection Engine because of the way that it parses Portable Document Format (PDF) files. An attacker could exploit the vulnerability by constructing a specially crafted PDF File that could potentially allow remote code execution when the target computer system receives, and the Microsoft Malware Protection Engine scans, the PDF file. We recommend that customers apply the update immediately.MS07-014 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434) +
Word Malformed String Vulnerability - CVE-2006-5994
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Word Malformed Data Structures Vulnerability - CVE-2006-6456
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Word Count Vulnerability - CVE-2006-6561
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Word Macro Vulnerability - CVE-2007-0208
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Word Malformed Drawing Object Vulnerability - CVE-2007-0209
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Word Malformed Function Vulnerability - CVE-2007-0515
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.MS07-015 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554) +
PowerPoint Malformed Record Memory Corruption Vulnerability - CVE-2006-3877
A remote code execution vulnerability exists in PowerPoint and could be exploited when PowerPoint opened a specially crafted file. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted PowerPoint file that could allow remote code execution. We recommend that customers apply the update immediately.
Excel Malformed Record Vulnerability - CVE-2007-0671
A remote code execution vulnerability exists in Excel and could be exploited when Excel opened a specially crafted file. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. We recommend that customers apply the update immediately.MS07-016 - Cumulative Security Update for Internet Explorer (928090) +
A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. We recommend that customers apply the update immediately.