Fixlet Site - EnterpriseSecurity Current Version: 906 Published: Wed, 10 Oct 2007 04:34:09 GMT *************************************************************** Title: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution - Windows 2000 SP4 Severity: Critical Fixlet ID: 705501 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-055.mspx Fixlet Description: Microsoft has released a critical security update that resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted images files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution - Windows XP SP2 Severity: Critical Fixlet ID: 705503 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-055.mspx Fixlet Description: Microsoft has released a critical security update that resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted images files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 705505 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-055.mspx Fixlet Description: Microsoft has released a critical security update that resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted images files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 5.5 SP2 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705601 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: CORRUPT PATCH - Outlook Express 5.5 SP2 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705602 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 6 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705603 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: CORRUPT PATCH - Outlook Express 6 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705604 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 6 - Windows XP SP2 Severity: Critical Fixlet ID: 705605 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: CORRUPT PATCH - Outlook Express 6 - Windows XP SP2 Severity: Critical Fixlet ID: 705606 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 6 - Windows XP (x64) Severity: Critical Fixlet ID: 705607 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 6 - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 705609 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: CORRUPT PATCH - Outlook Express 6 - Windows Server 2003 SP1/SP2 Severity: Critical Fixlet ID: 705610 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Outlook Express 6 - Windows Server 2003 (x64) Severity: Critical Fixlet ID: 705611 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Windows Mail - Windows Vista Severity: Important Fixlet ID: 705613 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-056: Security Update for Outlook Express and Windows Mail - Windows Mail - Windows Vista (x64) Severity: Important Fixlet ID: 705615 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx Fixlet Description: Microsoft has released a critical security update that resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 5.01 SP4 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705701 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 5.01 SP4 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705702 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 6 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705703 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 6 SP1 - Windows 2000 SP4 Severity: Critical Fixlet ID: 705704 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP2 Severity: Critical Fixlet ID: 705705 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 6 - Windows XP SP2 Severity: Critical Fixlet ID: 705706 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP (x64) Severity: Critical Fixlet ID: 705707 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 705709 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 6 - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 705710 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 (x64) Severity: Moderate Fixlet ID: 705711 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP2 Severity: Critical Fixlet ID: 705713 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 7 - Windows XP SP2 Severity: Critical Fixlet ID: 705714 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP (x64) Severity: Critical Fixlet ID: 705715 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 705717 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: CORRUPT PATCH - IE 7 - Windows Server 2003 SP1/SP2 Severity: Moderate Fixlet ID: 705718 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 (x64) Severity: Moderate Fixlet ID: 705719 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista Severity: Critical Fixlet ID: 705721 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-057: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista (x64) Severity: Critical Fixlet ID: 705723 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx Fixlet Description: Microsoft has released a critical security update that resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows 2000 SP4 Severity: Low Fixlet ID: 705801 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-058: CORRUPT PATCH - Windows 2000 SP4 Severity: Low Fixlet ID: 705802 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows XP SP2 Severity: Important Fixlet ID: 705803 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-058: CORRUPT PATCH - Windows XP SP2 Severity: Important Fixlet ID: 705804 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows XP (x64) Severity: Important Fixlet ID: 705805 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 705807 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-058: CORRUPT PATCH - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 705808 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows Server 2003 (x64) Severity: Important Fixlet ID: 705809 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows Vista Severity: Important Fixlet ID: 705811 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-058: Vulnerability in RPC Could Allow Denial of Service - Windows Vista (x64) Severity: Important Fixlet ID: 705813 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx Fixlet Description: Microsoft has released an update that resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. [Validate for this update, edit if necessary]Note: Microsoft has announced that this update may be included in a future service pack or update rollup. *************************************************************** Title: MS07-059: Vulnerability in Windows SharePoint Services 3.0 Could Result in Elevation of Privilege Within the SharePoint Site - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 705901 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-059.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Windows SharePoint Services 3.0. The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment. The vulnerability could also allow an attacker to run arbitrary script to modify a user's cache, resulting in information disclosure at the workstation After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-059: Vulnerability in Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site - Windows Server 2003 SP1/SP2 Severity: Important Fixlet ID: 705905 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-059.mspx Fixlet Description: Microsoft has released a security update that resolves a publicly reported vulnerability in Microsoft Office SharePoint Server 2007. The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment. The vulnerability could also allow an attacker to run arbitrary script to modify a user's cache, resulting in information disclosure at the workstation. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2000 (Local Install) Severity: Critical Fixlet ID: 706002 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update which resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to the vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2000 - Windows NT/2000/XP/2003 (Network Install) Severity: Critical Fixlet ID: 706003 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update which resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to the vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2000 - Windows 9x/ME (Network Install) Severity: Critical Fixlet ID: 706004 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update which resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to the vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2000 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Critical Fixlet ID: 706005 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update which resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to the vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2000 - Windows 9x/ME (Administrative Install) Severity: Critical Fixlet ID: 706006 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update which resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this patch, affected computers will no longer be susceptible to the vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2002 (Network/Local Install) Severity: Important Fixlet ID: 706011 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Word 2002. A remote code execution vulnerability exists if a user opens a specially crafted Word file with a malformed string. A specially crafted file might be included as an e-mail attachment or hosted on a malicious Web site. This security update addresses the vulnerability by modifying the way that Microsoft Word handles specially crafted Word files. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2002 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Important Fixlet ID: 706013 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Word 2002. A remote code execution vulnerability exists if a user opens a specially crafted Word file with a malformed string. A specially crafted file might be included as an e-mail attachment or hosted on a malicious Web site. This security update addresses the vulnerability by modifying the way that Microsoft Word handles specially crafted Word files. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2002 - Windows 9x/ME(Administrative Install) Severity: Important Fixlet ID: 706015 Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security patch for Word 2002. A remote code execution vulnerability exists if a user opens a specially crafted Word file with a malformed string. A specially crafted file might be included as an e-mail attachment or hosted on a malicious Web site. This security update addresses the vulnerability by modifying the way that Microsoft Word handles specially crafted Word files. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.