CERT-In:Indian Computer Emergency Response Team

HOME > ADVISORIES

ADVISORIES

CERT-In Advisory CIAD-2007-49
Multiple Vulnerabilities in various components of Microsoft Windows, Visual Studio , Windows Services for UNIX, Subsystem for UNIX-based Applications , MSN Messenger, Windows Live Messenger

Original issue date: September 12, 2007

Systems Affected

Microsoft Windows
Visual Studio
Windows Services for UNIX
Subsystem for UNIX-based Applications
MSN Messenger
Windows Live Messenger

Overview

Multiple vulnerabilities have been reported in various components of Microsoft Windows , Visual Studio , Windows Services for UNIX, Subsystem for UNIX-based Applications , MSN Messenger, Windows Live Messenger. This advisory describes these vulnerabilities addressed by the Microsoft Security Bulletins of September 2007.

Description

The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:

Microsoft Security Bulletin	Severity	CERT-In Vulnerability Notes
MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution	High	CIVN-2007-117: Remote Code Execution Vulnerability in Microsoft Agent ActiveX (agentdpv.dll) control
MS07-052: Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution	Medium	CIVN-2007-118: Remote Code Execution Vulnerability in Crystal Reports for Microsoft Visual Studio
MS07-053: Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege	Medium	CIVN-2007-119: Microsoft Windows Services for UNIX Privilege Escalation Vulnerability
MS07-054: Vulnerability in MSN Messenger and Windows Live Messenger could allow Remote Code Execution	Medium	CIVN-2007-120: Remote Code Execution Vulnerability in MSN Messenger and Windows Live Messenger

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin September 2007
http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Advisory CIAD-2007-49 Multiple Vulnerabilities in various components of Microsoft Windows, Visual Studio , Windows Services for UNIX, Subsystem for UNIX-based Applications , MSN Messenger, Windows Live Messenger

CERT-In Advisory CIAD-2007-49
Multiple Vulnerabilities in various components of Microsoft Windows, Visual Studio , Windows Services for UNIX, Subsystem for UNIX-based Applications , MSN Messenger, Windows Live Messenger