Microsoft patched 10 security holes
On January 9, Microsoft released the first month's security bulletin of 2007 with four security updates to patch 10 vulnerabilities in applications.
Of the 10 vulnerabilities patched, seven were classified as " serious ". In addition, this month's security bulletin, Microsoft was unable to patch some of the flaws in the Word text editor, which had been exploited by hackers more than a month ago.
In fact, the number of Microsoft January security bulletins is less than half of the number it claimed a while ago, and there is currently no explanation for this cut. Of these, there are 4 bulletins for Office packages, and 4 for IE.
According to experts, the most serious vulnerability patched in this phase (newsletter MS07-003) affects Outlook. There are three vulnerabilities patched in Office, but only one vulnerability is ranked at the most serious level. Two of the three vulnerabilities in Outlook may allow an attacker to hijack a victim computer running Outlook 2000, 2002, or 2003. The Outlook 2007 version is said to be unaffected by this vulnerability.
Meanwhile, security bulletin MS07-004 patched another vulnerability in VML (Vector Markup Language), an extension of XML used to define web images into vector graphics format. In September 2006, VML had a different vulnerability than the current vulnerability. And like the previous vulnerability, the new vulnerability can be exploited without user interaction.
However, unlike the 2006 VML patch, the MS07-004 bulletin also includes a patch for IE7 browsers on Windows 2000 and Windows XP operating systems. Microsoft has not yet confirmed whether the IE7 version on Vista needs this patch.
The next newsletter is MS07-002 and 5 vulnerabilities - all are severely affected, affecting Excel 2000 and above, including Excel in Office 2004 and Office vX packages for Mac packages. . The vulnerability in Excel could be exploited to create fake spreadsheet files that, when opened, will allow hackers to insert malware into a victim's PC or Mac.
The last newsletter is MS07-001, which is used to patch every hole in Microsoft Word in Brazilian-Portuguese and Spanish versions.
- Microsoft patched zero-day errors for Vista
- Microsoft blocked security holes for XP and Vista -
- Microsoft patched 12 vulnerabilities in products
- Microsoft patched the vulnerability in IE
- Microsoft patched a series of serious vulnerabilities
- Microsoft patched a serious flaw in the .Net platform
- 28% of software is not patched by security
- Microsoft just patched two vulnerabilities in January 2008?
- Microsoft fixes a dangerous DNS error for Windows
- Microsoft patched a new vulnerability in Vista
- Symantec patched the vulnerability in ESM products
- Microsoft changed the mechanism for issuing patches