Fixlet Site - EnterpriseSecurity
Current Version: 875	Published: Wed, 13 Jun 2007 04:47:23  GMT
***************************************************************
Title: MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution - Windows Server 2003 (v2, re-released 6/12/2007)
Severity: Important
Fixlet ID: 701218
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx

Fixlet Description: Important Note: This patch was re-released on June 12, 2007 to add Microsoft Windows Server 2003 Service Pack 2 as an affected product. The action below deploys the revised version of the patch.

Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information.

***************************************************************
Title: MS07-012: CORRUPT PATCH - Windows Server 2003 (v2, re-released 6/12/2007)
Severity: Important
Fixlet ID: 701219
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx

***************************************************************
Title: MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution - Windows XP/2003 (x64) (v2, re-released 6/12/2007)
Severity: Important
Fixlet ID: 701220
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-012.mspx

Fixlet Description: Important Note: This patch was re-released on June 12, 2007 to add Microsoft Windows Server 2003 Service Pack 2 as an affected product. The action below deploys the revised version of the patch.

Microsoft has released an update that resolves a newly discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information.

***************************************************************
Title: MS07-018: Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution - MCMS 2002 SP2 (v2, re-released 6/12/2007)
Severity: Critical
Fixlet ID: 701804
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-018.mspx

Fixlet Description: Important Note: This patch was re-released on June 12, 2007 to address known issues with the original patch. The listed computers have the original version of the patch installed. The action below deploys the revised version of the patch.

Microsoft has released an update resolving two newly discovered, privately reported vulnerabilities. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Caveats section of the security bulletin for more information.

***************************************************************
Title: MS07-030: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution - Visio 2002 SP2 (Network/Local Install)
Severity: Important
Fixlet ID: 703001
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security patch for Visio 2002 Service Pack 2. This update resolves two privately discovered and responsibly reported vulnerabilities that could allow remote code execution if a user opened a specially crafted Visio file.

***************************************************************
Title: MS07-030: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution - Visio 2003 SP2 (Network/Local Install)
Severity: Important
Fixlet ID: 703003
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-030.mspx
Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129

Fixlet Description: Microsoft has released a security patch for Visio 2003 Service Pack 2. This update resolves two privately discovered and responsibly reported vulnerabilities that could allow remote code execution if a user opened a specially crafted Visio file.

***************************************************************
Title: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution - Windows XP SP2
Severity: Critical
Fixlet ID: 703101
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-031: CORRUPT PATCH - Windows XP SP2
Severity: Critical
Fixlet ID: 703102
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

***************************************************************
Title: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Moderate
Fixlet ID: 703103
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-031: CORRUPT PATCH - Windows 2000 SP4
Severity: Moderate
Fixlet ID: 703104
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

***************************************************************
Title: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution - Windows Server 2003 SP1/SP2
Severity: Important
Fixlet ID: 703105
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-031: CORRUPT PATCH - Windows Server 2003 SP1/SP2
Severity: Important
Fixlet ID: 703106
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

***************************************************************
Title: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703107
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

Fixlet Description: Microsoft has released a patch that resolves a newly discovered, privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-031: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703108
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx

***************************************************************
Title: MS07-032: Vulnerability in Windows Vista Could Allow Information Disclosure - Windows Vista
Severity: Moderate
Fixlet ID: 703201
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-032.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. An attacker who successfully exploited this vulnerability could allow non-privileged users to access local user information data stores including administrative passwords contained within the registry and local file system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-032: Vulnerability in Windows Vista Could Allow Information Disclosure - Windows Vista (x64)
Severity: Moderate
Fixlet ID: 703203
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-032.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. An attacker who successfully exploited this vulnerability could allow non-privileged users to access local user information data stores including administrative passwords contained within the registry and local file system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista
Severity: Critical
Fixlet ID: 703301
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 703303
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 703304
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703305
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 6.0 SP1 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703306
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 7.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 703307
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 7.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 703308
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703309
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 6.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703310
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703311
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 5.01 SP4 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703312
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 7.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703313
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 7.0 - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703314
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 7.0 - Windows Vista (x64)
Severity: Critical
Fixlet ID: 703315
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 7.0 - Windows Server 2003 SP1/SP2
Severity: Moderate
Fixlet ID: 703319
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 7.0 - Windows Server 2003 SP1/SP2
Severity: Moderate
Fixlet ID: 703320
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-033.mspx

***************************************************************
Title: MS07-033: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows Server 2003 SP1/SP2
Severity: Critical
Fixlet ID: 703321
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

Fixlet Description: Microsoft has released a patch that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-033: CORRUPT PATCH - IE 6.0 - Windows Server 2003 SP1/SP2
Severity: Critical
Fixlet ID: 703322
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

***************************************************************
Title: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail - Windows XP SP2
Severity: Important
Fixlet ID: 703401
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-034.mspx

Fixlet Description: Microsoft has released a patch that resolves two newly discovered, publicly disclosed vulnerabilities. One of these vulnerabilities could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail in Windows Vista. The other vulnerabilities could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer and cannot be exploited directly in Outlook Express. For the information disclosure vulnerabilities, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-034: CORRUPT PATCH - Windows XP SP2
Severity: Important
Fixlet ID: 703402
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-034.mspx

***************************************************************
Title: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail - Windows 2003 SP1/SP2
Severity: Low
Fixlet ID: 703403
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-034.mspx

Fixlet Description: Microsoft has released a patch that resolves two newly discovered, publicly disclosed vulnerabilities. One of these vulnerabilities could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail in Windows Vista. The other vulnerabilities could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer and cannot be exploited directly in Outlook Express. For the information disclosure vulnerabilities, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 703405
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx

Fixlet Description: Microsoft has released a patch that resolves two newly discovered, publicly disclosed vulnerabilities. One of these vulnerabilities could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail in Windows Vista. The other vulnerabilities could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer and cannot be exploited directly in Outlook Express. For the information disclosure vulnerabilities, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues  section of the security bulletin for more information.

***************************************************************
Title: MS07-034: CORRUPT PATCH - Windows 2003 SP1/SP2
Severity: Low
Fixlet ID: 703406
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-034.mspx

***************************************************************
Title: MS07-034: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Important
Fixlet ID: 703408
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx

***************************************************************
Title: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail - Windows Vista
Severity: Critical
Fixlet ID: 703411
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx

Fixlet Description: Microsoft has released a patch that resolves two newly discovered, publicly disclosed vulnerabilities. One of these vulnerabilities could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail in Windows Vista. The other vulnerabilities could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer and cannot be exploited directly in Outlook Express. For the information disclosure vulnerabilities, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail - Windows Vista (x64)
Severity: Important
Fixlet ID: 703413
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx

Fixlet Description: Microsoft has released a patch that resolves two newly discovered, publicly disclosed vulnerabilities. One of these vulnerabilities could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail in Windows Vista. The other vulnerabilities could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer and cannot be exploited directly in Outlook Express. For the information disclosure vulnerabilities, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are several known issues associated with the installation of this patch. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703501
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-035.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if the affected API is used locally by a specially crafted application. Therefore applications that use this component of the Win32 API could be used as a vector for this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-035: CORRUPT PATCH - Windows 2000 SP4
Severity: Critical
Fixlet ID: 703502
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-035.mspx

***************************************************************
Title: MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution - Windows XP SP2
Severity: Critical
Fixlet ID: 703503
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-035.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if the affected API is used locally by a specially crafted application. Therefore applications that use this component of the Win32 API could be used as a vector for this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-035: CORRUPT PATCH - Windows XP SP2
Severity: Critical
Fixlet ID: 703504
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS07-035.mspx

***************************************************************
Title: MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution - Windows Server 2003 SP1/SP2
Severity: Critical
Fixlet ID: 703505
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-035.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if the affected API is used locally by a specially crafted application. Therefore applications that use this component of the Win32 API could be used as a vector for this vulnerability. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-035: CORRUPT PATCH - Windows Server 2003 SP1/SP2
Severity: Critical
Fixlet ID: 703506
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-035.mspx

***************************************************************
Title: MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703507
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-035.mspx

Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability in a Win32 API. This vulnerability could allow remote code execution or elevation of privilege if the affected API is used locally by a specially crafted application. Therefore applications that use this component of the Win32 API could be used as a vector for this vulnerability. For example, Internet Explorer uses this Win32 API function when parsing specially crafted Web pages. This security update addresses the vulnerability by changing the way the Win32 API validates parameters. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS07-035: CORRUPT PATCH - Windows XP/2003 (x64)
Severity: Critical
Fixlet ID: 703508
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-035.mspx