CERT-In Advisory CIAD-2007-04
Multiple Vulnerabilities in Microsoft Windows, Internet
Explorer, Outlook Express and Microsoft office
Original issue date:
January 11, 2007
Systems Affected
- Microsoft Windows Operating Systems
- Microsoft Internet Explorer
- Microsoft
Outlook Express
- Microsoft
office
Overview
Multiple vulnerabilities have been reported in various components of Microsoft Windows , Microsoft Internet Explorer, , Outlook Express and Microsoft office. This advisory describes these vulnerabilities addressed by the Microsoft Security Bulletins of January 2007.
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS07-002: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution |
High |
CIVN-2007-02: Microsoft Excel Malformed Column Record, Palette Record, IMDATA Record and String Vulnerabilities |
MS07-003: Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution
|
High |
CIVN-2007-03:Remote Code Execution and Denial of Service Vulnerabilities in Microsoft Outlook |
MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution
|
High |
CIVN-2007-04:Microsoft Windows Vector Markup Language Code Execution Vulnerability |
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin January 2007
http://www.microsoft.com/technet/security/bulletin/ms07-jan.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms07-jan.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
