JPCERT-AT-2007-0010
JPCERT/CC
April 11, 2007

<<< JPCERT/CC Alert 2007-04-11 >>>

April 2007 Microsoft Security Bulletin (including five critical patches)

http://www.jpcert.or.jp/at/2007/at070010.txt

I. Overview

Microsoft has released security bulletins for April 2007 which include
five "Critical" and one "Important" security updates. Exploitation of
these vulnerabilities could allow a remote attacker to execute arbitrary
code.

    Security Bulletin for April 2007
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-apr.mspx

Detailed information on each vulnerability is available from the
following URLs:

[Critical Security Updates]

    MS07-017
    Vulnerabilities in GDI Could Allow Remote Code Execution (925902)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-017.mspx

    MS07-018
    Vulnerabilities in Microsoft Content Management Server Could Allow
    Remote Code Execution (925939)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-018.mspx

    MS07-019
    Vulnerability in Universal Plug and Play Could Allow Remote Code
    Execution (931261)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-019.mspx

    MS07-020
    Vulnerability in Microsoft Agent Could Allow Remote Code Execution
    (932168)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-020.mspx

    MS07-021
    Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-021.mspx

[Important Security Updates]

    MS07-022
    Vulnerability in Windows Kernel Could Allow Elevation of Privilege
    (931784)
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-022.mspx

The patches released this time include a security update for the
vulnerability discussed in the following Security Advisory released by
Microsoft:

    Microsoft Security Advisory (935423)
    Vulnerability in Windows Animated Cursor Handling
    http://www.microsoft.com/japan/technet/security/advisory/935423.mspx

II. Solution

Apply the security updates immediately by using Microsoft Update or
Windows Update.

    Microsoft Update
    https://update.microsoft.com/microsoftupdate

    Windows Update
    https://windowsupdate.microsoft.com/

Depending on the version of the product, updates may not be available
from Microsoft Update. Use Windows Update or Office Update as needed.

    About Microsoft Update
    http://www.microsoft.com/japan/technet/prodtechnol/microsoftupdate/default.mspx

III. Reference Information

    JP Vendor Status Notes JVNTA07-100A
    Multiple Vulnerabilities in Microsoft Products
    http://jvn.jp/cert/JVNTA07-100A/index.html

    Security Bulletin for April 2007
    http://www.microsoft.com/japan/technet/security/bulletin/ms07-apr.mspx

    Microsoft Update and other services: Frequently asked questions
    http://www.microsoft.com/japan/athome/security/protect/update.mspx

    Microsoft Updates for Multiple Vulnerabilities
    http://www.us-cert.gov/cas/techalerts/TA07-100A.html

    Vulnerability Note VU#728057
    Microsoft Windows Agent fails to properly process crafted URLs
    http://www.kb.cert.org/vuls/id/728057

    Vulnerability Note VU#219848
    Microsoft Windows Vista CSRSS privilege escalation vulnerability
    http://www.kb.cert.org/vuls/id/219848

    Vulnerability Note VU#740636
    Microsoft Windows CSRSS error handling vulnerability
    http://www.kb.cert.org/vuls/id/740636

    Vulnerability Note VU#337953
    Microsoft Windows Kernel vulnerable to privilege escalation
    http://www.kb.cert.org/vuls/id/337953

    Vulnerability Note VU#191609
    Microsoft Windows animated cursor stack buffer overflow
    http://www.kb.cert.org/vuls/id/191609

    @police
    About Microsoft security updates (MS07-017 updated, 018, 019, 020,
    021, and 022)
    http://www.cyberpolice.go.jp/important/2007/20070411_041114.html

If you have any information regarding this matter, please contact us.

======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600  FAX: 03-3518-4602
http://www.jpcert.or.jp/