"With nine security bulletins, today is the second-busiest Patch Tuesday this year," said Dave Marcus, security research and communications manager, McAfee Avert Labs. "Many of the vulnerabilities addressed by Microsoft's fixes could be exploited if a Windows user simply visits a malicious website. Microsoft's patches thus again underline the trend of malware writers seeking out the Web browser as a means of attack and reinforce the need of safe browsing habits."
Microsoft Vulnerabilities Overview includes: MS07-042 - vulnerability in Microsoft XML Core Services could allow remote code execution, MS07-043 - vulnerability in OLE Automation could allow remote code execution, MS07-044 vulnerability in Microsoft Excel could allow remote code execution, MS07-045 Cumulative Security Update for Internet Explorer, MS07-046 vulnerability in GDI could allow remote code execution, MS07-047 vulnerability in Windows Media Player could allow remote code execution, MS07-048 vulnerabilities in Windows Gadgets could allow remote code execution, MS07-049 vulnerability in Virtual PC and Virtual Server could allow elevation of privilege, MS07-050 vulnerability in Vector Markup Language could allow remote code execution Scope of Potential Compromise.
Today's nine security bulletins cover a total of 14 vulnerabilities. Six of the bulletins are rated critical by Microsoft due to their potential for remote code execution. Three bulletins are deemed important.
Do you want to know if Microsoft's Men in Black ever met Linus Torvalds? Here is what Linus reveals! Read full interview. |
