Published: 2007-12-16T15:27+00:00
Last Updated: 2008-01-14T20:46+00:00
TRTA07-345A
Microsoft Updates for Multiple Vulnerabilities
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, gain elevated privileges, or crash a vulnerable system.
Event Information
| Date (UTC) | Description |
| 2008-01-08 |
Bugtraq Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit Microsoft DirectX Code Execution Vulnerability Parsing SAMI Files Proof Of Concept (CVE-2007-3901,MS07-064) #Cid: 26789.py #Tested: Windows 2000 SP4 [EN], DirectX 7.0 (4.07.00.0700) |
| 2007-12-21 |
Bugtraq MS Windows 2000 AS SP4 Message Queue Exploit (MS07-065) Message Queuing Service Remote Code Execution Vulnerability Proof Of Concept (CVE-2007-3039,MS07-065) #Cid: MessageQueueexpl.c #Tested: Windows 2000 Advanced Server [ES] |
| 2007-12-19 17:40 |
Microsoft Knowledge Base (946627): Internet Explorer 6 crashes after you install security update 942615 on a computer that is running Windows XP Service Pack 2 Cumulative Security Update for Internet Explorer (MS07-069) |
| 2007-12-18 |
Bugtraq Windows Message Queuing Service Remote RPC BOF Exploit (MS07-065) Message Queuing Service Remote Code Execution Vulnerability Proof Of Concept (CVE-2007-3039,MS07-065) #Cid: 26797.c #Tested: Windows 2000 + SP4 |
| 2007-12-14 18:28 |
Symantec ThreatCON (2) => (1) |
| 2007-12-12 01:11 |
JPCERT/CC JPCERT-AT-2007-0024: Dec 2007 Microsoft Security Bulletin (including three critical patches) |
| 2007-12-11 23:47 |
SANS Internet Storm Center December black tuesday overview Overview of the December 2007 Microsoft patches and their status. |
| 2007-12-11 22:36 |
US-CERT TA07-345A: Microsoft Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2007-12-11 16:00 |
Symantec ThreatCON (1) => (2) |
| 2007-12-11 08:00 |
Microsoft MS07-DEC: Microsoft Security Bulletin Summary for December 2007 Included in this advisory are updates for newly discovered vulnerabilities. |
| 2007-12-11 06:07 |
US-CERT Microsoft Releases December Security Bulletins US-CERT Current Activity Microsoft has released updates to address vulnerabilities in Windows, DirectX, DirectShow, Windows Media Format Runtime, and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2007. |
| 2007-12-11 |
IBM Internet Security Systems Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities Two vulnerabilities in Microsoft DirectShow could allow remote code execution. By creating a malicious file and enticing a user to click a link or open a file, an attacker could remotely execute unauthorized code with the privileges of the user. |
| 2007-12-11 |
IBM Internet Security Systems Multiple (4) Microsoft Windows Media Player .ASF Remote Code Execution Vulnerabilities Four vulnerabilities in Microsoft Windows Media Player could allow remote code execution. By creating a malicious .ASP file and enticing a user to click a link or open a file, an attacker could trigger a heap overflow through a malformed ASF stream and remotely execute unauthorized code with the privileges of the user. |
| 2007-11-05 |
Microsoft Microsoft Security Advisory (944653): Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow Elevation of Privilege Macrovision Driver Vulnerability (CVE-2007-5587,MS07-067) |
| 2007-10-16 17:23 |
Symantec Symantec Security Response Weblog: Privilege Escalation Exploit In the Wild Macrovision Driver Vulnerability (CVE-2007-5587,MS07-067) During the weekend I found an interesting sample exploiting a possibly new and undocumented vulnerability for Windows XP and 2003. The exploit is a local privilege escalation that allows users with a restricted account to gain a SYSTEM shell with higher privileges. |
| 2007-09-28 |
iDefense Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability Microsoft DirectX Code Execution Vulnerability Parsing SAMI Files (CVE-2007-3901,MS07-064) Vulnerability Reported This vulnerability exists in the DirextShow SAMI parser, which is implemented in quartz.dll. When the SAMI parser copies parameters into a stack buffer, it does not properly check the length of the parameter. As such, parsing a specially crafted SAMI file can cause a stack-based buffer overflow. |
| 2007-07-20 |
Zero Day Initiative (ZDI) ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2007-5344,MS07-069) Vulnerability Reported |
| 2007-07-20 |
Zero Day Initiative (ZDI) ZDI-07-073: Microsoft Internet Explorer setExpression Code Execution Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2007-3902,MS07-069) Vulnerability Reported |
| 2007-05-22 |
Zero Day Initiative (ZDI) ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2007-3903,MS07-069) Vulnerability Reported |
| 2007-05-08 |
iDefense Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability Uninitialized Memory Corruption Vulnerability (CVE-2007-3902,MS07-069) Vulnerability Reported The vulnerability lies in the JavaScript setExpression method, which is implemented in mshtml.dll. When malformed parameters are supplied, memory can be corrupted in a way that results in Internet Explorer accessing a previously deleted object. By creating a specially crafted web page, it is possible for an attacker to control the contents of the memory pointed to by the released object. |
| 2007-04-02 |
Zero Day Initiative (ZDI) ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability Message Queuing Service Remote Code Execution Vulnerability (CVE-2007-3039,MS07-065) Vulnerability Reported |