July 2007 Microsoft Security Bulletin Release - Microsoft Office Support Blog - Site Home

Microsoft has released the following security bulletins for newly discovered vulnerabilities:

Bulletin Number	Maximum Severity	Affected Products	Impact
MS07-036	Critical	All currently supported versions of Microsoft Office	Remote Code Execution
MS07-037	Important	Publisher 2007	Remote Code Execution
MS07-038	Moderate	Windows Vista	Information Disclosure
MS07-039	Critical	Windows 2000 servers, Windows Server 2003	Remote Code Execution
MS07-040	Critical	.NET Framework 1.0, 1.1, 2.0	Remote Code Execution
MS07-041	Important	Windows XP SP2 with IIS 5.1 installed	Remote Code Execution

Summaries for these new bulletins may be found at the following pages:

http://www.microsoft.com/technet/security/bulletin/ms07-Jul.mspx

Re-released Security Bulletins

MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)

Notes on the re-release of MS06-078:

The security update for Windows Media Player 6.4 (KB925398) did not correctly install on Windows Server 2003 Service Pack 2. A revised security update is now available to install on Windows Server 2003 Service Pack 2 (KB925398).
No changes have been made to the files in the security update. This is a package change only to install on Windows Server 2003 Service Pack 2.
Microsoft recommends that customers apply the update immediately. No action is required on systems where the security update has been successfully installed.

· Known issues documented in Microsoft Knowledge Base Article 933065 and Microsoft Knowledge Base Article 933066 are resolved. No action is required on systems where the security update has been successfully installed.

· Customers who did experience this known issue and did not install this security update will be reoffered the security update included with this security bulletin

More Information on MS06-078 - Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689):

http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU) and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool can be located here:

http://go.microsoft.com/fwlink/?LinkId=40573

High-Priority Non-Security Updates on Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS) and Software Update Services (SUS)

Microsoft is today also releasing High-Priority NON-SECURITY updates on WU, MU, SUS and WSUS. For complete details on non-security updates being released today please review the following KB Article:

Description of SUS and WSUS changes in content for 2007:

http://support.microsoft.com/?id=894199

TechNet Webcast:

· Title: Information about Microsoft July Security Bulletins (Level 200)

· When: Wednesday, July 11, 2007 11:00 AM Pacific Time (US & Canada)

· URL: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032343783

· Replay: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032343783

Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit Microsoft Support Lifecycle.

MS07-036

Microsoft Security Bulletin MS07-036
Bulletin Title	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)
Executive Summary	This critical update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in addition to other security issues identified during the course of the investigation. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. This update does not require a restart.
Affected Software	Office, Excel. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	This update does not require a restart.
Removal Information	Varies Depending on which version of the update is installed.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-036.mspx

MS07-037

Microsoft Security Bulletin MS07-037
Bulletin Title	Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (936548)
Executive Summary	This important security update resolves one publicly disclosed vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. User interaction is required to exploit this vulnerability.
Maximum Severity Rating	Important
Impact of Vulnerability	Remote Code Execution
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update does not require a restart.
Affected Software	Office, Publisher. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	This update does not require a restart.
Removal Information	Use Add or Remove Programs tool in Control Panel.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-037.mspx

MS07-038

Microsoft Security Bulletin MS07-038
Bulletin Title	Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807)
Executive Summary	This moderate security update resolves a privately reported vulnerability. This vulnerability could allow incoming unsolicited network traffic to access a network interface. An attacker could potentially gather information about the affected host.
Maximum Severity Rating	Moderate
Impact of Vulnerability	Information Disclosure
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software	Windows Vista. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	You must restart your system after you apply this security update.
Removal Information	To remove this update, click Control Panel, click Security, then under Windows Update, click View installed updates and select from the list of updates.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-038.mspx

MS07-039

Microsoft Security Bulletin MS07-039
Bulletin Title	Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122)
Executive Summary	This critical security update resolves a privately reported vulnerability in implementations of Active Directory on Windows 2000 Server and Windows Server 2003 that could allow remote code execution or a denial of service condition. Attacks attempting to exploit this vulnerability would most likely result in a denial of service condition. However remote code execution could be possible. On Windows Server 2003 an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software	Windows. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	You must restart your system after you apply this security update.
Removal Information	Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-039.mspx

MS07-040

Microsoft Security Bulletin MS07-040
Bulletin Title	Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
Executive Summary	This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software	.NET Framework. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	You must restart your system after you apply this security update.
Removal Information	Use Add or Remove Programs tool in Control Panel.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-040.mspx

MS07-041

Bulletin Identifier	Microsoft Security Bulletin MS07-041
Bulletin Title	Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)
Executive Summary	This important security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2. IIS 5.1 is not part of a default install of Windows XP Professional Service Pack 2. An attacker who successfully exploited this vulnerability could take complete control of the affected system.
Maximum Severity Rating	Important
Impact of Vulnerability	Remote Code Execution
Detection	Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update will require a restart.
Affected Software	Windows XP Professional. For more information, see the Affected Software section of the bulletin at the link below.
Restart Requirement	You must restart your system after you apply this security update.
Removal Information	Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.
More information	http://www.microsoft.com/technet/security/bulletin/MS07-041.mspx

Re-Released Bulletin:

MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)

Notes on the re-release of MS06-078:

The security update for Windows Media Player 6.4 (KB925398) did not correctly install on Windows Server 2003 Service Pack 2. A revised security update is now available to install on Windows Server 2003 Service Pack 2 (KB925398).
No changes have been made to the files in the security update. This is a package change only to install on Windows Server 2003 Service Pack 2.
Microsoft recommends that customers apply the update immediately. No action is required on systems where the security update has been successfully installed.

· Customers who did experience this known issue and did not install this security update will be reoffered the security update included with this security bulletin

More information on this re-released bulletin is available at: http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx