CERT-In:Indian Computer Emergency Response Team

HOME > ADVISORIES

ADVISORIES

CERT-In Advisory CIAD-2007-42
Multiple Vulnerabilities in various components of Microsoft Windows, XML Core Services, Visual Basic, Microsoft Office for Mac, Internet Explorer, Windows Vista and Virtual PC/Virtual Server

Original issue date: August 16, 2007

Systems Affected

Microsoft Windows
XML Core Services
Visual Basic
Microsoft Office for Mac
Internet Explorer
Windows Vista
Virtual PC/Virtual Server

Overview

Multiple vulnerabilities have been reported in various components of Microsoft Windows, XML Core Services, Visual Basic, Microsoft Office for Mac, Internet Explorer, Windows Vista and Virtual PC/Virtual Server. This advisory describes these vulnerabilities addressed by the Microsoft Security Bulletins of August 2007.

Description

The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:

Microsoft Security Bulletin	Severity	CERT-In Vulnerability Notes
MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution	High	CIVN-2007-102: Remote Code Execution Vulnerability in Microsoft XML Core Services
MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution	High	CIVN-2007-103: Microsoft Windows OLE Automation Remote Code Execution vulnerability
MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution	High	CIVN-2007-104: Microsoft Excel Remote Code Execution Vulnerability
MS07-045: Cumulative Security Update for Internet Explorer	High	CIVN-2007-105: Microsoft Internet Explorer Multiple Vulnerabilities
MS07-046: Vulnerability in GDI Could Allow Remote Code Execution	High	CIVN-2007-106: Microsoft GDI Remote Code Execution Vulnerability
MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution	Medium	CIVN-2007-107: Microsoft Windows Media Player Remote Code Execution Vulnerability
MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution	Medium	CIVN-2007-108: Multiple Vulnerabilities in Microsoft Windows Vista Gadgets
MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege	Medium	CIVN-2007-109: Microsoft Windows Virtual PC and Virtual Server Privilege Escalation Vulnerability
MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution	High	CIVN-2007-110: Microsoft Windows Vector Markup Language Remote Code Execution Vulnerability

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin August 2007
http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Advisory CIAD-2007-42 Multiple Vulnerabilities in various components of Microsoft Windows, XML Core Services, Visual Basic, Microsoft Office for Mac, Internet Explorer, Windows Vista and Virtual PC/Virtual Server

CERT-In Advisory CIAD-2007-42
Multiple Vulnerabilities in various components of Microsoft Windows, XML Core Services, Visual Basic, Microsoft Office for Mac, Internet Explorer, Windows Vista and Virtual PC/Virtual Server