Published: 2007-06-12T22:28+00:00
Last Updated: 2007-06-13T20:22+00:00
TRTA07-163A
Microsoft Updates for Multiple Vulnerabilities
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Windows Secure Channel, Internet Explorer, Win32 API, Windows Mail and Outlook Express. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Event Information
| Date (UTC) | Description |
| 2007-06-13 19:30 |
Symantec ThreatCON (2) => (1) |
| 2007-06-13 01:55 |
JPCERT/CC JPCERT-AT-2007-0014: June 2007 Microsoft Security Bulletin (including four critical patches) |
| 2007-06-12 20:57 |
SANS Internet Storm Center June 2007, Microsoft Patch Tuesday Overview. Overview of the June 2007 Microsoft patches and their status. |
| 2007-06-12 20:24 |
US-CERT TA07-163A: Microsoft Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2007-06-12 18:30 |
Symantec ThreatCON (1) => (2) |
| 2007-06-12 17:18 |
US-CERT Microsoft Releases June Security Bulletins Microsoft has released updates to address vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Visio, and the Windows Schannel Security Package as part of the Microsoft Security Bulletin Summary for June 2007. |
| 2007-06-12 |
Microsoft MS07-JUN: Microsoft Security Bulletin Summary for June 2007 Included in this advisory are updates for newly discovered vulnerabilities. |
| 2007-06-10 |
Bugtraq Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2) Speech Control Memory Corruption Vulnerability Proof Of Concept (CVE-2007-2222) #Cid: MSXPSP2_Speech_API_ActiveX_BoF.txt #Tested: Windows XP + SP2, IE 6 |
| 2007-06-01 |
Bugtraq Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4) Speech Control Memory Corruption Vulnerability Proof Of Concept (CVE-2007-2222) #Cid: MS2KSP4_Speech_API_ActiveX_BoF.txt #Tested: Windows 2000 + SP4, IE 6 |
| 2007-02-15 |
Zero Day Initiative (ZDI) ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability Uninitialized Memory Corruption Vulnerability(MS07-033, CVE-2007-1751) This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Vulnerability Reported |
| 2006-11-08 |
Zero Day Initiative (ZDI) ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability Language Pack Installation Vulnerability(MS07-033, CVE-2007-3027) This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Vulnerability Reported |
| 2006-10-24 |
iDefense Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability COM Object Instantiation Memory Corruption Vulnerability (CVE-2007-0218,MS07-033) Remote exploitation of an invalid memory access vulnerability in various Microsoft products, including Internet Explorer, while creating certain COM objects may allow an attacker to execute arbitrary code. Vulnerability Reported |
| 2006-08-28 |
COSEINC Private Limited SChannel Off-By-One Heap Corruption Vulnerability in the Windows Schannel Security Package (CVE-2007-2218,MS07-031) The Secure Channel (SChannel) library on WinXP-SP1/SP2 is vulnerable to a off-by-one heap buffer overwrite. Vulnerability Reported |