Microsoft released six security updates for July, rating three of them as critical. Here's a brief description of each update; for more information, go to
http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx
MS07-036: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
This update addresses a publicly disclosed remote code execution vulnerability. This update also addresses two privately disclosed vulnerabilities. To leverage this vulnerability, an attacker needs to convince the target of the attack to open a specially formed Microsoft Excel file.
Applies to: All versions of Excel
Recommendation: Microsoft rates this update as critical because the details of this vulnerability have been publicly reported. You should perform accelerated testing and deployment of this update on vulnerable systems.
MS07-037: Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution
This update addresses a publicly disclosed vulnerability. To leverage this vulnerability, an attacker needs to convince the target of the attack to open a specially formed Microsoft Office Publisher File. This vulnerability could allow remote code execution.
Applies to: Publisher 2007
Recommendation: Microsoft rates this bulletin as important, and the vulnerability it addresses has yet to be publicly disclosed. Unless your organization regularly works with Publisher files from untrusted sources, you should test and deploy this update as part of your normal patch management routine. If your organization regularly works with Publisher files from untrusted sources, accelerated testing and deployment is advised.
MS07-038: Vulnerability in Windows Vista Firewall Could Allow Information Disclosure
This privately reported vulnerability could be exploited by an attacker to gather information about the targeted host. This vulnerability cannot be directly used to gain control of a targeted system.
Applies to: Windows Vista
Recommendation: Microsoft rates this bulletin as moderate. You should test and deploy the update as part of your normal patch management routine.
MS07-039: Vulnerability in Windows Active Directory Could Allow Remote Code Execution
This update addresses a privately reported vulnerability in Active Directory (AD) on all versions of Windows Server. Microsoft rates the vulnerability as critical on Windows 2000 Server and important on Windows Server 2003. This attack can only be exploited on Windows 2003 if the attacker already has valid AD credentials.
Applies to: Windows 2000, Windows 2003
Recommendation: Although Microsoft rates this update as critical on Windows 2000, the vulnerability has not been publicly disclosed. Given the important nature of AD, you should promptly perform extensive testing before deployment of this update on vulnerable systems.
MS07-040: Vulnerability in .NET Framework Could Allow Remote Code Execution
This update addresses three privately reported vulnerabilities, two of which could allow remote code execution on Web servers that utilize ASP.NET. You should consult the related Microsoft article at http://support.microsoft.com/kb/931212 before deploying this update because it's possible that there will be side effects.
Applies to: All versions of Windows
Recommendation: Although Microsoft rates this update as critical, the vulnerability has not been publicly disclosed. Given the variety of platforms the vulnerability applies to, it's likely that hackers will rapidly attempt to develop an exploit that leverages this vulnerability. You should promptly perform testing and deployment of this update on vulnerable systems.
MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution
This vulnerability could allow remote code execution if an attacker crafted a special URL and transmitted it to a Windows XP computer that's hosting a Web site that uses the IIS software included in XP. This attack could be used to take complete control of the XP computer.
Applies to: XP
Recommendation: Microsoft rates this bulletin as important, and the vulnerability it addresses has yet to be publicly disclosed. Unless you're using XP to host Internet-facing Web sites, you should test and deploy the update as part of your normal patch management routine. If you're using IIS on XP to host Internet-facing Web sites, you should test and apply this update as soon as possible.
