Temmuz 2007 Microsoft Security Bulletin Summary

Microsoft Security Bulletin MS07-036
Bulletin Title
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)
Executive Summary
This critical update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in addition to other security issues identified during the course of the investigation. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. This update does not require a restart.
Affected Software
Office, Excel.

Microsoft Security Bulletin MS07-039
Bulletin Title
Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122)
Executive Summary
This critical security update resolves a privately reported vulnerability in implementations of Active Directory on Windows 2000 Server and Windows Server 2003 that could allow remote code execution or a denial of service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition. However remote code execution could be possible. On Windows Server 2003 an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software
Windows

Microsoft Security Bulletin MS07-040
Bulletin Title
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
Executive Summary
This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software
.NET Framework


Microsoft Security Bulletin MS07-037
Bulletin Title
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (936548)
Executive Summary
This important security update resolves one publicly disclosed vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. User interaction is required to exploit this vulnerability.
Maximum Severity Rating
Important
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update does not require a restart.
Affected Software
Office, Publisher

Microsoft Security Bulletin MS07-041
Bulletin Title
Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)
Executive Summary
This important security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2. IIS 5.1 is not part of a default install of Windows XP Professional Service Pack 2. An attacker who successfully exploited this vulnerability could take complete control of the affected system.
Maximum Severity Rating
Important
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software
Windows XP Professional.

Bu yazi July 18th, 2007 tarihinde ve Security Bulletin kategorisi altina yazilmistir. RSS 2.0 feed ile yorumlara abone olabilirsiniz. Ayrica yorum birakabilir, yada kendi sitenizde konuyu geri izleme yapabilirsiniz.

Bu ve benzeri yazilardan haberdar olmak icin mail adresinizi yaziniz.




Konuyla Ilgili Benzer Yazilar:

  • Mayıs 2007 Microsoft Security Bulletin Summary - Critical
  • Haziran 2007 Microsoft Security Bulletin Summary
  • Microsoft Malware Protection Center
  • SSA, Security System Analyzer
  • Download Microsoft Forefront Server Security Management Console Beta 2
  • SQL Server logs
  • ‘The name of the security certificate is invalid or does not match the name of the site’ hatasi
  • Exchange 2007 üzerinde Security Configuration Wizard
  • Forefront Codename Stirling
  • Forefront Security For Exchange konfigurasyon yedeÄŸi
  • ROADMAP
  • Exchange Server 2007 Service Pack 1 Beta 2



    • Yorum yok

    Ilk yorum yapan siz olun.

    Yorum yapin

    Toplam 345 yazi ve 125 yorum bulunmaktadir.

    1. Haberdar Ol

      Son eklenen makalelerin mailinize gelmesi icin adresinizi yazin.

    2. Kategoriler

    3. Son Eklenen 15 Yazı

      En Populer 25 Yazi

      Bugun En Cok Okunan 25 Yazi

      Gezdiklerim

      Ve Yeniden "LOST"...