JPCERT-AT-2007-0001
JPCERT/CC
January 10, 2007 (Original release date)
January 19, 2007 (Last revised)
<<< JPCERT/CC Alert 2007-01-10 >>>
Jan 2007 Microsoft Security Bulletin
(including three critical patches)
http://www.jpcert.or.jp/at/2007/at070001.txt
I. Overview
Microsoft has released security bulletins for January 2007 which
include three "Critical" and one "Important" security updates.
Exploitation of these vulnerabilities could allow a remote attacker
to execute arbitrary code.
Security Bulletin for January 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-jan.mspx
*** Update: Added on January 19, 2007 **************************************
On January 19, 2007, Microsoft updated MS07-002 and security update
KB925524 to address an issue in which users cannot open some files
after installing the prior security update KB925524 for Microsoft
Excel 2000.
MS07-002
Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution (927198)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-002.mspx
Users who have not applied the MS07-002 security update for
Microsoft Excel 2000 should apply the security update immediately.
Further information on this issue is available from the following
URL:
Excel 2000 does not open some files after you install security
update 925524 that is documented in security bulletin MS07-002.
http://support.microsoft.com/kb/931183
**********************************************************************
Detailed information on each vulnerability is available from the
following URLs:
MS07-002
Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution (927198)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-002.mspx
MS07-003
Vulnerabilities in Microsoft Outlook Could Allow Remote Code
Execution (925938)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-003.mspx
MS07-004
Vulnerability in Vector Markup Language Could Allow Remote Code
Execution (929969)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-004.mspx
MS07-001
Vulnerability in Microsoft Office 2003 Brazilian Portuguese
Grammar Checker Could Allow Remote Code Execution (921585)
http://www.microsoft.com/japan/technet/security/bulletin/ms07-001.mspx
The vulnerability reported in "Microsoft Security Advisory (929433):
Vulnerability in Microsoft Word Could Allow Remote Code Execution",
released in December 2006, is not fixed by this month's patches.
Users should continue to be cautious when handling Word files.
Microsoft Security Advisory (929433): Vulnerability in Microsoft
Word Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/929433.mspx
II. Solution
Apply the security updates immediately by using Microsoft Update or
Windows Update.
Microsoft Update
https://update.microsoft.com/microsoftupdate
Windows Update
https://windowsupdate.microsoft.com/
Office Update
http://office.microsoft.com/ja-jp/officeupdate/default.aspx
Depending on the version of the product, updates may not be
available from Microsoft Update. Use Windows Update or Office Update
as needed.
For example, security updates for Office 2000 need to be downloaded
from Office Update. For details of the operating systems supported by
Microsoft Update, see "Security Requirements" at the following URL:
About Microsoft Update
http://www.microsoft.com/japan/technet/prodtechnol/microsoftupdate/default.mspx
III. Reference Information
Security Bulletin for January 2007
http://www.microsoft.com/japan/technet/security/bulletin/ms07-jan.mspx
Microsoft Update and other services: Frequently asked questions
http://www.microsoft.com/japan/athome/security/protect/update.mspx
US-CERT Technical Cyber Security Alert TA07-009A
Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA07-009A.html
US-CERT Vulnerability Note VU#493185
Microsoft Excel vulnerable to arbitrary code execution via
malformed record
http://www.kb.cert.org/vuls/id/493185
US-CERT Vulnerability Note VU#302836
Microsoft Excel fails to properly process a malformed Column
record
http://www.kb.cert.org/vuls/id/302836
US-CERT Vulnerability Note VU#271860
Microsoft Outlook fails to properly parse Office Saved Searches
(.oss) files
http://www.kb.cert.org/vuls/id/271860
US-CERT Vulnerability Note VU#749964
Microsoft Excel malformed IMDATA vulnerability
http://www.kb.cert.org/vuls/id/749964
US-CERT Vulnerability Note VU#476900
Microsoft Outlook fails to properly process a VEVENT record
http://www.kb.cert.org/vuls/id/476900
US-CERT Vulnerability Note VU#625532
Microsoft Excel fails to properly parse malformed Palette records
http://www.kb.cert.org/vuls/id/625532
US-CERT Vulnerability Note VU#122084
Microsoft Internet Explorer VML buffer overflow
http://www.kb.cert.org/vuls/id/122084
@Police
About Microsoft security updates (MS07-001, 002, 003, and 004)
(January 10)
http://www.cyberpolice.go.jp/important/2007/20070110_071806.html
If you have any information regarding this matter, please contact
us.
__________
Revision History
January 10, 2007 Initial release
January 11, 2007 Added the report that users cannot open some Excel
files after installing the MS07-002 security update
January 15, 2007 Added security information provided by Microsoft
and the URLs
January 19, 2007 Added information on the re-release of MS07-002
======================================================================
JPCERT Coordination Center (JPCERT/CC)
TEL: 03-3518-4600 FAX: 03-3518-4602
http://www.jpcert.or.jp/