Critical IE, Excel updates headline bumper Patch Tuesday

Summary: The cumulative Internet Explorer update headlines a bumper batch of nine bulletins that contains fixes for 14 documented software vulnerabilities.

Microsoft has shipped a major Internet Explorer update to cover at least three code execution vulnerabilities in its flagship Web browser.

The cumulative IE update (MS07-045) headlines a bumper batch of nine bulletins that contains fixes for 14 documented software vulnerabilities.

The update affects IE 5.0 through IE 7.0 on Windows Vista but, because of defense-in-depth mitigations, the severity rating has been reduced to "important" on the newer versions.

Microsoft explains the three bugs:

  1. A remote code execution vulnerability exists in the way Internet Explorer parses certain strings in CSS. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
  2. A remote code execution vulnerability exists in the ActiveX control, tblinf32.dll. This control can also be found under the name of vstlbinf.dll. Both of these components were never intended to be supported in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited the Web page.
  3. A remote code execution vulnerability exists in the ActiveX object, pdwizard.ocx. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution.

In all, there are six critical bulletins in the August batch. These affect Microsoft XML Core Services (Windows 2000 through Windows Vista); Object Linking and Embedding (OLE) automation (Vista is not affected); Microsoft Excel (Office 2000, Office 2003, Office XP and Office 2004 for Mac); Graphics Rendering Engine (Windows 2000 through Windows Server 2003); and Vector Markup Language (IE 5.0 through IE 7.0 on Windows Vista).

The other three bulletins cover:

MS07-047 -- Two code execution holes in the way Windows Media Player parses and decompresses skins. This is rated "important."

MS07-049 -- Patches an elevation of privilege vulnerability in Microsoft Virtual PC and Microsoft Virtual Server that could allow a guest operating system user to run code on the host or on another guest operating system. This update carries an "important" rating.

MS07-048 -- This applies to at least three serious flaws in Windows Gadgets. This "important" update is specific to Windows Vista and affects the Feed Headlines Gadget, the Weather Gadget and the Contacts Gadget.

* More to come as I wade through the nine bulletins.

Topics: Security, Browser, Microsoft, Windows


Talkback

28 comments
  • The last two vulnerabilities aren't even in IE

    Just so you know, the two "ActiveX Object Memory Corruption" vulnerabilities are not actually vulnerabilities in IE. I have never heard of pdwizard.ocx or tblinf32.dll -- according to the bulletins they are part of Visual Basic 6.

    Microsoft puts these killbits in with the IE security updates as defense in depth to protect IE, but the fact remains that the bugs are still present in those two files. Other products that can use ActiveX controls, such as Microsoft Word, would still be vulnerable.

    Unfortunately by putting these killbits in with IE they are making their vuln count artificially high.
    PB_z
    • Plus the first vulnerability only affects IE 5.01

      So it appears that unless you are running Win2K with IE 5.01, or have Visual Basic 6 on your machine, you are not affected by any of these three vulnerabilities.
      PB_z
    • Breaks the following forum requirements for Vista:

      1. Requires user interaction.
      2. No exploits in the wild.
      3. Does not gain administrative rights.

      If you still need a reason to upgrade to Vista here is another reminder.
      ye
      • Should have been a reply to the story.

        .
        ye
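
The killbit that PB_z's comment refers to is a per-CLSID registry flag (bit 0x400 of "Compatibility Flags" under IE's "ActiveX Compatibility" key) that stops Internet Explorer from instantiating a control. As an added example, not part of the article or of Microsoft's bulletin, this Python code audits a `reg export` text dump for that flag; the CLSIDs and the sample export are constructed placeholders, and the function names are hypothetical.

```python
import re

KILL_BIT = 0x400  # "Compatibility Flags" bit that blocks instantiation in IE
# Suffix match so the 32-bit (Wow6432Node) view of the key is covered as well.
COMPAT_KEY = r"\microsoft\internet explorer\activex compatibility"

# Constructed sample in `reg export` text form. The CLSIDs are placeholders,
# not the real identifiers of the controls named in the bulletin.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000AAAA}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000BBBB}]
"Compatibility Flags"=dword:00800000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000CCCC}]
"AlternateCLSID"="{00000000-0000-0000-0000-00000000DDDD}"
"""

KEY_RE = re.compile(r"^\[(?P<path>.+)\\(?P<clsid>\{[0-9A-Fa-f-]{36}\})\]$")
FLAGS_RE = re.compile(r'^"Compatibility Flags"=dword:(?P<val>[0-9A-Fa-f]{8})$')


def parse_compat_flags(export_text):
    """Map CLSID -> Compatibility Flags (None when the value is absent)."""
    flags, current = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            in_scope = key["path"].lower().endswith(COMPAT_KEY)
            current = key["clsid"].upper() if in_scope else None
            if current:
                flags.setdefault(current, None)
        elif line.startswith("["):
            current = None  # a different key: ignore the values under it
        elif current and (m := FLAGS_RE.match(line)):
            flags[current] = int(m["val"], 16)
    return flags


def audit_killbits(export_text, expected_clsids):
    """Return {clsid: bool}: True only if the kill bit is set for that CLSID."""
    flags = parse_compat_flags(export_text)
    return {c.upper(): bool((flags.get(c.upper()) or 0) & KILL_BIT)
            for c in expected_clsids}
```

A `True` result only means IE will refuse to load that control; as the comment notes, the vulnerable file itself is still present on the machine.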
  • Oh great!

    Now the MS fanboys don't think this is a big deal. 9 patches for Windows and Internet Explorer plus three more for Microsoft Office. The fanboys claim that this isn't an issue. I wonder how long these bugs have been in the wild now? If anything, I'm sure we will be seeing more of these bumper patches every month now. It's not the end of the summer yet and look at all these patches arriving at my kids XP machine.
    Intellihence
    • Translation

      I wish all those MS users would come thundering over to OS X, and then we'd have the demographics and the marketing clout, and we'd be the big man on the block. I hate sitting in obscurity.
      Beyond the Vista, A Leopard is starving
      • You are funny.

        If anything I wish MS users to remain MS users. You translated incorrectly. Wanna try again? Maybe this time you will get a cigar...
        Intellihence
        • Makes sense to me.

          If everyone went to Apple, then all the apple users would complain about all the security holes in the OS.
          notsofast
      • Absolutely LOVE the sig line!!!

        Still laughing... Starving Leppard Buwahahahahahahaha
        No_Ax_to_Grind
      • Be careful of what you wish for

        If that were to happen then Apple would be releasing all those patches each month.
        jescocom
    • And OS X had, oh yeah 50!!!!!

      You're a sad little clown.
      No_Ax_to_Grind
    • Stalk this...

      http://blogs.zdnet.com/security/?p=172

      "Apple has issued a mega-update with patches for 25 new security vulnerabilities affecting Mac OS X users. This is the fourth update (89th security patch) issued by Apple in 2007."

      89, yes, you read it right 89!!!

      My gawd, is there any of the original code even there? The name Apple and the word security should never be used in the same sentence!
      No_Ax_to_Grind
  • 14 documented software vulnerabilities

    Microsoft explains the three bugs:
    Blah blah bla-bla blah blah blah blah

    The other three bulletins cover:
    Blah bla-bla-blah blah blah blah

    Understand?

    Now get ready for the next bunch!
    Ole Man
    • And your OS of choice is bug free?

      Understand? Didn't think so.
      ye
      • Try 50 in one shot!

        No kidding
        No_Ax_to_Grind
      • Why is it ok...

        for any OS to have so many security bugs? Some will tell you "it's inevitable, all software has bugs". There's nothing quite like setting the bar so low as to effectively have no bar to begin with to spur big business into fixing what's broke. There is literally no reason for Microsoft to take security seriously as long as they've got great constant cashflow. The software business really is worse than the airline business. Might as well farm out everything to India since we can get the same bugs for a fraction of the cost.
        jasonp@...
        • OS?

          I just scanned the fixes, but only saw 3 that were the OS. Oh wait, that's right, when it's a MS bug fix, applications are part of the OS. When it's a Macintosh or Linux application or utility fix, the problem is in the app. :rolleyes:
          notsofast
          • Every time I hear that there's a fix out...

            for SAMBA or OO or any of the other third party applications that get distributed with Linux, it's a Linux problem. You have a problem with the same analogy, too bad.
            jasonp@...
          • You can thank Microsoft for that.

            Remember it was Microsoft that made the claim that IE, media player, etc. etc. were an integral part of the OS. The claims were made (by Microsoft) that removing these apps would damage the OS. Also of note; wasn't it Microsoft that said they don't list all the flaws, in an effort to keep the crackers from exploiting them? So if the "update" is more than 14 actual patches (remember Microsoft does a lot of "silent" fixes). There is something to be said about the flaw count.
            Rick_K
          • Let me see

            Hmm - IE is shipped with the OS. IE cannot be removed from the OS and have it still run. Not the OS? In the same manner, you could reasonably count Firefox problems as a problem with (for example) Ubuntu for the same reason. The objection is to counting things that can be removed without penalty as OS flaws.

            If your eyes have stopped rolling - care to recount?

            Of course, flaw counts aren't much of an indicator of anything beyond showing that somebody cares, and is trying to fix potential (and sometimes actual) problems. Mostly one should read these to determine (after reading about what's affected, and waiting to see what problems (if any) the fix introduces) whether or not to allow the updates to take place. In my case, none of these need to be fixed, as I wouldn't let MS have internet access anyway... :)
            Freebird54