US-CERT Cyber Security Alert SA07-044A -- Microsoft Updates for Multiple Vulnerabilities

National Cyber Alert System

Cyber Security Alert SA07-044A

Microsoft Updates for Multiple Vulnerabilities

Original release date: February 13, 2007
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Works
Microsoft Malware Protection Engine
Microsoft Step-by-Step Interactive Training

Overview

Vulnerabilities in Microsoft Windows, Internet Explorer, Office, Works, Malware Protection Engine, and Step-by-Step Interactive Training could allow an attacker to gain control of your computer.

Solution

Apply Update

Microsoft has provided updates to remedy these vulnerabilities. To obtain these updates, visit the Microsoft Update web site. We also recommend enabling Automatic Updates.

Users of Office for Mac OS X should obtain updates from the Mactopia website.

Description

Vulnerabilities in Microsoft Windows, Internet Explorer, Office, Works, Malware Protection Engine, and Step-by-Step Interactive Training may allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash. An attacker could exploit these vulnerabilities by using specially crafted network traffic, or by convincing you to view a specially crafted Office document.

For more technical information, see US-CERT Technical Alert TA07-044A.

References

Technical Alert TA07-044A - <http://www.us-cert.gov/cas/techalerts/TA07-044A.html>

Vulnerability Notes for Microsoft February 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-feb>

Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
Using Caution with Email Attachments - <http://www.us-cert.gov/cas/tips/ST04-010.html>

Microsoft Security Essentials - <http://www.microsoft.com/protect/>

Microsoft security updates for February 2007 - <http://www.microsoft.com/athome/security/update/bulletins/200702.mspx>

Microsoft Update - <https://update.microsoft.com/microsoftupdate/>

Microsoft Office Update - <http://officeupdate.microsoft.com/>

Mactopia - <http://www.microsoft.com/mac/>

Microsoft Automatic Updates - <http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx#EZB>

Feedback can be directed to US-CERT.

Produced 2007 by US-CERT, a government organization. Terms of use

Revision History

February 13, 2007: Initial release

Last updated February 13, 2007

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting