MS Alerts - Q1-2007



AplusWebMaster
2007-01-30, 21:41
FYI...

MS Updates Vista Before Roll-out
- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=197001741
Jan. 30, 2007 ~ "The downloads include fixes for installing the OS on PCs with more than 3GB of memory, troubles connecting with a VPN, and performance issues in IE 7. Microsoft released several updates to Windows Vista Monday, the day before the new operating system debuted for consumers and landed on retail shelves. None of the updates were security fixes.
The five updates for the 32-bit version of Vista -- one was immediately replaced Tuesday with an update to the update -- fix difficulties installing the OS on PCs with more than 3GB of memory, troubles connecting with a VPN (Virtual Private Network) server, and performance problems with Internet Explorer 7 and its anti-phishing feature. The largest of the five updates, however, is one that addresses incompatibility issues for a host of applications and games, ranging from Adobe's PhotoShop to Zoo Tycoon. Multiple Microsoft titles -- Microsoft Money, Outlook 2003 -- are also on the list. Others of note include Opera 9.02, IBM Rescue and Recovery with Rapid Restore, Roxio Easy Media Creator 7.5, and RealPlayer...
The first scheduled security updates after the consumer release of Vista are pegged for Feb. 13."

Vista Application Compatibility Update
- http://support.microsoft.com/kb/929427
Last Review: January 30, 2007
Revision: 2.0

:spider: :lip:

AplusWebMaster
2007-02-01, 04:48
FYI...

- http://news.softpedia.com/news/The-First-Security-Vulnerability-in-Internet-Explorer-7-45828.shtml
31 January 2007 ~ "Various versions of Internet Explorer, including IE7 for Windows XP SP2 and the browser integrated into Windows Vista are vulnerable to exploits targeting a zero-day flaw. Microsoft has confirmed the existence of the Internet Explorer ActiveX bgColor Property Denial of Service vulnerability reported by Determina Security Research. “We have confirmed that this issue can be used to cause the instance of Internet Explorer to exit when viewing the specially crafted Web page. We have confirmed that there is no possibility to use the bug to do anything beyond that, e.g. execute code. As such it is more along the lines of a stability issue and would be treated along similar issues reported into Microsoft using the Online Crash Analysis system,” stated a Microsoft representative..."
- http://www.determina.com/security.research/vulnerabilities/activex-bgcolor.html

> http://determina.blogspot.com/2007/01/fuzzing-shouldnt-work.html

:fear:

AplusWebMaster
2007-02-02, 21:53
FYI...

Active Exploitation of Unpatched Vulnerability in Microsoft Word
- http://www.us-cert.gov/current/#mswd5exp
updated February 2, 2007
"US-CERT is aware of active exploitation of an unpatched vulnerability in Microsoft Word. There are reports indicating Microsoft has issued a response that this vulnerability is related to VU#166700*, reported in December 2006. According to Symantec, there are different documents that use this same exploit from multiple organizations. Each document has been specifically crafted for the targeted organization in both language and content. Details are limited at this point...
Until Microsoft issues a security fix, or more information becomes available, US-CERT recommends the following actions to help mitigate the security risks:
> Do not open or save untrusted Word documents or attachments from unsolicited email messages.
> Disable automatic opening of Microsoft Office documents, as specified in the Office Document Open Confirmation Tool** document.
> Do not rely on file name extensions as a way to securely filter against malicious files..."

* http://www.kb.cert.org/vuls/id/166700

** http://preview.tinyurl.com/lzwos

.

AplusWebMaster
2007-02-03, 11:52
FYI...

- http://isc.sans.org/diary.html?storyid=2157
Last Updated: 2007-02-03 02:40:12 UTC
"Microsoft has released an advisory* for a remote code execution vulnerability in Microsoft Office. It is currently being reported to target only Microsoft Excel at this point. However, according to Microsoft's advisory: "While we are currently only aware that Excel is the current attack vector, other Office applications are potentially vulnerable." It has a CVE entry of CVE-2007-0671, although I could not find it in the database at this time and there is very limited information available. The advisory applies to the following products:
Office 2000
Office XP
Office 2003
Office 2004 for Mac
Office 2004 v. X for Mac ..."

* http://www.microsoft.com/technet/security/advisory/932553.mspx

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0671

- http://www.avertlabs.com/research/blog/?p=191
Update Feb 2, 2007 at 7 pm PST

:fear:

AplusWebMaster
2007-02-08, 23:52
FYI...

- http://www.microsoft.com/technet/security/bulletin/advance.mspx
February 8, 2007 ~ "...On 13 February 2007 Microsoft is planning to release:
Security Updates
• -Five- Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
• -Two- Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
• -One- Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Visual Studio. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates will require a restart.
• -One- Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Office. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
• -One- Microsoft Security Bulletin affecting Step-by-Step Interactive Training. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
• -One- Microsoft Security Bulletin affecting Microsoft Data Access Components. The highest Maximum Severity rating for this is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
• -One- Microsoft Security Bulletin affecting Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft Forefront. The highest Maximum Severity rating for these is Critical. These products provide built-in mechanisms for automatic detection and deployment of updates. Some of these updates may require a restart..."

(12 total.)

> http://blogs.technet.com/msrc/archive/2007/02/08/february-2007-advance-notification.aspx

:spider:

AplusWebMaster
2007-02-13, 20:49
FYI...

- http://www.microsoft.com/technet/security/bulletin/ms07-feb.mspx
February 13, 2007
"...Summary...


...Critical (6)

Microsoft Security Bulletin MS07-008
Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
- http://www.microsoft.com/technet/security/Bulletin/ms07-008.mspx
This update resolves a vulnerability in HTML Help that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-009
Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)
- http://www.microsoft.com/technet/security/Bulletin/ms07-009.mspx
This update resolves a vulnerability in Microsoft Data Access Components that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-010
Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135)
- http://www.microsoft.com/technet/security/Bulletin/ms07-010.mspx
This update resolves a vulnerability in the Microsoft Malware Protection Engine that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-014
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)
- http://www.microsoft.com/technet/security/Bulletin/ms07-014.mspx
This update resolves vulnerabilities in Microsoft Word that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-015
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)
- http://www.microsoft.com/technet/security/Bulletin/ms07-015.mspx
This update resolves vulnerabilities in Microsoft Office that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-016
Cumulative Security Update for Internet Explorer (928090)
- http://www.microsoft.com/technet/security/Bulletin/ms07-016.mspx
This update resolves vulnerabilities in Internet Explorer that could allow remote code execution.
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution


...Important (6)

Microsoft Security Bulletin MS07-005
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)
- http://www.microsoft.com/technet/security/Bulletin/ms07-005.mspx
This update resolves a vulnerability in Step-by-Step Interactive Training that could allow remote code execution. User interaction is required to exploit this vulnerability.
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-006
Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)
- http://www.microsoft.com/technet/security/Bulletin/ms07-006.mspx
This update resolves a vulnerability in Windows Shell that could allow elevation of privilege.
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege

Microsoft Security Bulletin MS07-007
Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)
- http://www.microsoft.com/technet/security/Bulletin/ms07-007.mspx
This update resolves a vulnerability in the Windows Image Acquisition Service that could allow elevation of privilege.
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege

Microsoft Security Bulletin MS07-011
Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
- http://www.microsoft.com/technet/security/Bulletin/ms07-011.mspx
This update resolves a vulnerability in Microsoft OLE Dialog that could allow remote code execution. User interaction is required to exploit this vulnerability.
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-012
Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)
- http://www.microsoft.com/technet/security/Bulletin/ms07-012.mspx
This update resolves a vulnerability in Microsoft MFC that could allow remote code execution. User interaction is required to exploit this vulnerability.
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution

Microsoft Security Bulletin MS07-013
Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)
- http://www.microsoft.com/technet/security/Bulletin/ms07-013.mspx
This update resolves a vulnerability in Microsoft RichEdit that could allow remote code execution. User interaction is required to exploit this vulnerability.
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution ...


Revisions:
• V1.0 (February 13, 2007): Bulletin published.

----------------------------------------------

ISC Analysis
- http://isc.sans.org/diary.html?storyid=2232
Last Updated: 2007-02-13 20:07:05 UTC

.

AplusWebMaster
2007-02-15, 12:25
FYI...

Microsoft Security Advisory (933052)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/933052.mspx
February 14, 2007 ~ "Microsoft is investigating new public reports of very limited, targeted attacks against Microsoft Word “zero-day” using a vulnerability in Microsoft Office 2000 and Microsoft Office XP. In order for this attack to be carried out, a user must first open a malicious Office file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources..."

> http://secunia.com/advisories/24122/

.

AplusWebMaster
2007-02-17, 12:28
FYI...

- http://blog.washingtonpost.com/securityfix/2007/02/microsoft_warns_of_more_office_1.html
February 16, 2007 ~ "Just days after Microsoft issued patches to plug some 20 security holes in its software, the software giant is warning users that bad guys are exploiting two more vulnerabilities in its Office product suite... We've seen this pattern before. Hackers wait until Microsoft issues its monthly batch of patches to start exploiting unpatched flaws that they've found or purchased from bug-finders. The hackers well know that they can exploit them for at least another four to eight weeks before Microsoft can offer a patch..."

Microsoft Word
> http://www.microsoft.com/technet/security/advisory/933052.mspx
February 14, 2007

PowerPoint
> http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-021312-5133-99&tabid=2
February 13, 2007

:sad: :fear:

AplusWebMaster
2007-02-22, 03:00
(Revisions - 2.21.2007)

MS07-016 Critical
- http://www.microsoft.com/technet/security/bulletin/ms07-016.mspx
• V1.1 (February 21, 2007) Bulletin updated: additional clarification has been added to the e-mail attack vector. An attacker could also attempt to exploit this vulnerability when a user interacts with a malformed embedded OLE object within a Rich Text e-mail message. This Bulletin has also been revised due to new issues discovered with the security update as reflected in Microsoft Knowledge Base Article 924667. http://support.microsoft.com/?kbid=924667 Rev. 2.0

MS07-013 Important
- http://www.microsoft.com/technet/security/bulletin/ms07-013.mspx
• V1.1 (February 21, 2007) Bulletin updated: additional clarification has been added to the e-mail attack vector. An attacker could also attempt to exploit this vulnerability when a user interacts with a malformed embedded OLE object within a Rich Text e-mail message.

MS07-012 Important
- http://www.microsoft.com/technet/security/bulletin/ms07-012.mspx
• V1.1 (February 21, 2007) Bulletin updated: additional clarification has been added to the e-mail attack vector. An attacker could also attempt to exploit this vulnerability when a user interacts with a malformed embedded OLE object within a Rich Text e-mail message. This Bulletin has also been revised due to new issues discovered with the security update as reflected in Microsoft Knowledge Base Article 924667. http://support.microsoft.com/?kbid=924667 Rev. 2.0

MS07-011 Important
- http://www.microsoft.com/technet/security/bulletin/ms07-011.mspx
• V1.1 (February 21, 2007) Bulletin updated: additional clarification has been added to the e-mail attack vector. An attacker could also attempt to exploit this vulnerability when a user interacts with a malformed embedded OLE object within a Rich Text e-mail message.

MS06-078 Critical
- http://www.microsoft.com/technet/security/bulletin/ms06-078.mspx
• V2.2 (February 21, 2007): Bulletin updated to provide additional clarity around known issues customers may experience when they install this security update: See Microsoft Knowledge Base Article 933065 : Error message when you install the original version of security update 923689 on Korean Windows 2000 and Microsoft Knowledge Base Article 933066 : Error dialog when you install the security update 923689 on Windows XP SP2.

.