JPCERT-AT-2007-0022
JPCERT/CC
November 14, 2007
<<< JPCERT/CC Alert 2007-11-14 >>>
Nov 2007 Microsoft Security Bulletin
(including one critical patch)
http://www.jpcert.or.jp/at/2007/at070022.txt
I. Overview
Microsoft has released security bulletins for November 2007 which
include one "Critical" security update.
Exploitation of this vulnerability could allow a remote attacker to
execute arbitrary code.
Security Bulletin for November 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-nov.mspx
Detailed information on this vulnerability is available from the
following URL:
[Critical Security Updates]
MS07-061
Vulnerability in Windows URI Handling Could Allow Remote Code
Execution (943460)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-061.mspx
II. Solution
Apply the security updates immediately by using Microsoft Update or
Windows Update.
Microsoft Update
https://www.update.microsoft.com/
Windows Update
https://windowsupdate.microsoft.com/
III. Reference Information
US-CERT Technical Cyber Security Alert TA07-317A
Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA07-317A.html
Security Bulletin for November 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-nov.mspx
Microsoft Update and other services: Frequently asked questions
http://www.microsoft.com/japan/athome/security/protect/update.mspx
Vulnerability Note VU#403150
Microsoft Windows URI protocol handling vulnerability
http://www.kb.cert.org/vuls/id/403150
Vulnerability Note VU#484649
Microsoft Windows DNS Server vulnerable to cache poisoning
http://www.kb.cert.org/vuls/id/484649
@police
About Microsoft security updates (MS07-061, 062) (November 14)
http://www.cyberpolice.go.jp/important/2007/20071114_064045.html
If you have any information regarding this matter, please contact us.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600 FAX: 03-3518-4602
http://www.jpcert.or.jp/
Top