jmke

Critical Security Bulletins
===========================

MS07-008 - Vulnerability in HTML Help ActiveX Control Could Allow
Remote Code Execution (928843)

- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-009 - Vulnerability in Microsoft Data Access Components (MDAC)
Function Could Allow Remote Code Execution (927779)

- Affected Software:

- Windows 2000 SP4
- Windows XP SP2
- Windows Server 2003
- Windows Server 2003 on Itanium-based Systems

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-010 - Vulnerability in Microsoft Malware Protection Engine
Could Allow Remote Code Execution (932135)

- Affected Software:
- Windows Live OneCare
- Microsoft Antigen for Exchange 9.x
- Microsoft Antigen for SMTP Gateways 9.x
- Microsoft Windows Defender
- Microsoft Windows Defender x64 Edition
- Microsoft Windows Defender in Windows Vista
- Microsoft Forefront Security for Exchange Server
- Microsoft Forefront Security for SharePoint

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-014 - Vulnerability in Microsoft Word Could Allow Remote Code
Execution (929434)

- Affected Software:
- Office 2000 Service Pack 3
- Office XP Service Pack 3
- Office System 2003
- Microsoft Office 2004 for Mac
- Microsoft Office v.X for Mac
- Microsoft Works Suites 2004, 2005, and 2006

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-015 - Vulnerabilities is Microsoft Office Could Allow Remote
Code Execution (932554)

- Affected Software:
- Office 2000 Service Pack 3
- Office XP Service Pack 3
- Office 2003 Service Pack 2
- Microsoft Office 2004 for Mac

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-016 - Cumulative Security Update for Internet (928090)

- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

MS07-005 - Vulnerability in Step-by-Step Interactive Training Could
Allow Remote Code Execution (923723)

- Affected Software:
- Windows 2000 SP4
- Windows XP SP2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 SP1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-006 - Vulnerability in Windows Shell Could Allow Elevation of
Privilege (928255)

- Affected Software:
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

- Impact: Elevation or Privilege
- Version Number: 1.0

MS07-007 - Vulnerability in Windows Image Acquisition Service Could
Allow Remote Code Execution (927802)

- Affected Software:
- Windows XP Service Pack 2

- Impact: Elevation or Privilege
- Version Number: 1.0

MS07-011 - Vulnerability in Microsoft OLE Dialog Could Allow Remote
Code Execution (926436)

- Affected Software:

- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-012 - Vulnerability in Microsoft MFC Could Allow Remote Code
Execution (924667)

- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Visual Studio .NET 2002(all versions and products included in the Visual
Studio .NET 2002 suite)
- Visual Studio .NET 2003(all versions and products included in the Visual
Studio .NET 2003 suite)

- Impact: Remote Code Execution
- Version Number: 1.0

MS07-013 - Vulnerability in Microsoft RichEdit Could Allow Remote
Code Execution (918118)

- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 Service Pack 1
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition
- Office 2000 Service Pack 3
- Office 2000 Multilanguage Packs
- Office XP Service Pack 3 (all versions and products included in the
Office XP suite)
- Office 2003 Service Pack 2
- Learning Essentials 1.0
- Learning Essentials 1.1
- Learning Essentials 1.5
- Global Input Method Editor for Office 2000 (Japanese)
- Office 2004 for Mac
- Office v.X for Mac

- Impact: Remote Code Execution
- Version Number: 1.0



---
http://www.microsoft.com/technet/sec.../ms07-feb.mspx

__________________