Microsoft Security Bulletin MS07-064 150; Critical

Discussion in 'other security issues & news' started by NICK ADSL UK, Jan 24, 2008.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin MS07-064 150; Critical

    Microsoft Security Bulletin MS07-064 – Critical
    Vulnerabilities in DirectX Could Allow Remote Code Execution 941568
    Published: December 11, 2007 | Updated: January 23, 2008

    Version: 2.0

    General Information
    Executive Summary
    This critical security update resolves two privately reported vulnerabilities in Microsoft DirectX. These vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    This is a critical security update for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003 and Windows Vista. For more information, see the subsection, Affected and Non-Affected Software, in this section.

    http://www.microsoft.com/technet/security/bulletin/ms07-064.mspx


    Why was this bulletin revised on January 23, 2008?
    This bulletin was revised to add DirectX 9.0 and 9.0b as affected products. Microsoft Update, Windows Update, the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Systems Management Server (SMS) already correctly offer KB941568 to customers that have DirectX 9.0 and 9.0b installed. Customers with DirectX 9.0 and 9.0b installed should apply the update to remain secure.
     
  2. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Thanks Nick
    :)

    Gerard
     
Loading...
Thread Status:
Not open for further replies.