JPCERT-AT-2007-0012
JPCERT/CC
May 9, 2007 (Original release date)
May 14, 2007 (Last revised)
<<< JPCERT/CC Alert 2007-05-09 >>>
May 2007 Microsoft Security Bulletin
(seven critical patches)
http://www.jpcert.or.jp/at/2007/at070012.txt
I. Overview
Microsoft has released security bulletins for May 2007 which include
seven "Critical" security updates.
Exploitation of these vulnerabilities could allow a remote attacker
to execute arbitrary code.
Security Bulletin for May 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-may.mspx
Detailed information on each vulnerability is available from the
following URLs:
[Critical Security Updates]
MS07-023
Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution (934233)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-023.mspx
MS07-024
Vulnerabilities in Microsoft Word Could Allow Remote Code
Execution (934232)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-024.mspx
MS07-025
Vulnerability in Microsoft Office Could Allow Remote Code
Execution (934873)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-025.mspx
MS07-026
Vulnerabilities in Microsoft Exchange Could Allow Remote Code
Execution (931832)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-026.mspx
MS07-027
Cumulative Security Update for Internet Explorer (931768)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-027.mspx
MS07-028
Vulnerability in CAPICOM Could Allow Remote Code Execution
(931906)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-028.mspx
MS07-029
Vulnerability in Windows DNS RPC Interface Could Allow Remote Code
Execution (935966)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-029.mspx
The patches released this time include security updates for
vulnerabilities discussed in the following Security Advisories
released by Microsoft:
Microsoft Security Advisory (935964)
Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/935964.mspx
Microsoft Security Advisory (933052)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/933052.mspx
II. Solution
Apply the security updates immediately by using Microsoft Update or Windows Update.
Microsoft Update
https://update.microsoft.com/microsoftupdate
Windows Update
https://windowsupdate.microsoft.com/
Office Update
http://office.microsoft.com/ja-jp/officeupdate/default.aspx
Depending on the version of the product, updates may not be
available from Microsoft Update. Use Windows Update or Office Update
as needed.
For example, security updates for Office 2000 must be downloaded
from Office Update. For details of the operating systems supported
by Microsoft Update, see "Security Requirements" at the following
URL:
About Microsoft Update
http://www.microsoft.com/japan/technet/prodtechnol/microsoftupdate/default.mspx
*** Updated: Added on May 14, 2007 **********************************
According to information from Microsoft, when Microsoft Update or
Windows Update runs on Windows XP, Windows Server 2003, or Windows
2000, the scan may take a long time to finish or may fail.
For more information and solutions, see the following website:
Microsoft Update or Windows Update does not finish scanning
http://support.microsoft.com/kb/937383/ja
**********************************************************************
III. Reference Information
Security Bulletin for May 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-may.mspx
Microsoft Update and other services: Frequently asked questions
http://www.microsoft.com/japan/athome/security/protect/update.mspx
US-CERT Technical Cyber Security Alert TA07-128A
Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
US-CERT Vulnerability Note VU#253825
Microsoft Excel fails to properly process files with crafted
filter records
http://www.kb.cert.org/vuls/id/253825
US-CERT Vulnerability Note VU#260777
Microsoft Word fails to properly process crafted array data
http://www.kb.cert.org/vuls/id/260777
US-CERT Vulnerability Note VU#332404
Microsoft Word fails to properly handle malformed strings
http://www.kb.cert.org/vuls/id/332404
US-CERT Vulnerability Note VU#853184
Microsoft Office drawing object vulnerability
http://www.kb.cert.org/vuls/id/853184
US-CERT Vulnerability Note VU#343145
Microsoft Exchange Server fails to properly decode MIME email
messages
http://www.kb.cert.org/vuls/id/343145
US-CERT Vulnerability Note VU#124113
Microsoft Exchange Outlook Web Access UTF character set label
script injection vulnerability
http://www.kb.cert.org/vuls/id/124113
US-CERT Vulnerability Note VU#869641
Research In Motion TeamOn Import Object ActiveX control buffer
overflow
http://www.kb.cert.org/vuls/id/869641
US-CERT Vulnerability Note VU#866305
Microsoft Cryptographic API Component Object Model Certificates
ActiveX control contains a remote code execution vulnerability
http://www.kb.cert.org/vuls/id/866305
US-CERT Vulnerability Note VU#555920
Microsoft Windows DNS RPC buffer overflow
http://www.kb.cert.org/vuls/id/555920
@police
About Microsoft security updates
(MS07-023, 024, 025, 026, 027, 028, 029) (May 9)
http://www.cyberpolice.go.jp/important/2007/20070509_050131.html
If you have any information regarding this matter, please contact us.
__________
Revision History
May 9, 2007 Initial release
May 14, 2007 Added the problem of high CPU usage
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600 FAX: 03-3518-4602
http://www.jpcert.or.jp/