Microsoft has shipped a major Internet Explorer update to cover at least three code execution vulnerabilities in its flagship Web browser.
The cumulative IE update (MS07-045) headlines a bumper batch of nine bulletins that contains fixes for 14 documented software vulnerabilities.
The update covers every supported version of the browser, from IE 5.0 up to IE 7.0 on Windows Vista, but on Vista the severity rating has been reduced to "important" because of that platform's defense-in-depth mitigations (Internet Explorer 7 runs in Protected Mode there, which limits what a successful exploit can do).
Microsoft explains the three bugs:
- A remote code execution vulnerability exists in the way Internet Explorer parses certain strings in CSS. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
- A remote code execution vulnerability exists in the ActiveX control, tblinf32.dll. This control can also be found under the name of vstlbinf.dll. Both of these components were never intended to be supported in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited the Web page.
- A remote code execution vulnerability exists in the ActiveX object, pdwizard.ocx. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution.
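Two of the three IE bugs live in ActiveX controls that Microsoft says were never meant to be used from the browser, which is the pattern where the fix blocks the control in IE with a "kill bit" rather than patching its code. The following PowerShell script is an added example, not part of the original post or of Microsoft's bulletin: it walks the CLSID registrations on the local machine, picks out any control whose in-process server is one of the three file names named above (tblinf32.dll, vstlbinf.dll, pdwizard.ocx), and reports whether IE's kill bit (Compatibility Flags 0x400) is set for that CLSID. The file names come from the bulletin text; the registry locations are the standard IE ActiveX Compatibility keys; everything else (variable names, output shape) is my own choice.

```powershell
# Added example, not from the bulletin or the original post.
# Looks up the CLSIDs registered for the control files MS07-045 names and
# checks whether Internet Explorer's kill bit is set for each one.
# Assumption: run on the Windows machine being audited, with read access
# to HKEY_CLASSES_ROOT and HKLM. Checks the native registry view only.

$targets = @('tblinf32.dll', 'vstlbinf.dll', 'pdwizard.ocx')   # file names from the bulletin text
$KillBit = 0x400   # Compatibility Flags bit that stops IE instantiating the control

$compatRoot = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

$hits = foreach ($clsidKey in Get-ChildItem -Path 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue) {
    # InprocServer32's default value is the path of the DLL/OCX that implements the control
    $srv = Get-ItemProperty -Path "$($clsidKey.PSPath)\InprocServer32" -Name '(default)' -ErrorAction SilentlyContinue
    if (-not $srv) { continue }

    $file = [System.IO.Path]::GetFileName([string]$srv.'(default)').ToLower()
    if ($targets -notcontains $file) { continue }

    # Kill bit lives under the ActiveX Compatibility key named after the CLSID
    $compat = Get-ItemProperty -Path "$compatRoot\$($clsidKey.PSChildName)" -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    $flags  = if ($compat) { [int]$compat.'Compatibility Flags' } else { 0 }

    [pscustomobject]@{
        CLSID      = $clsidKey.PSChildName
        Server     = $srv.'(default)'
        KillBitSet = (($flags -band $KillBit) -ne 0)
    }
}

if (-not $hits) {
    'None of the listed controls is registered on this system.'
} else {
    $hits | Format-Table -AutoSize
}
```

A row with KillBitSet equal to False for one of these files means the control is still reachable from a web page and the update (or a manual kill bit) has not taken effect. On 64-bit Windows the 32-bit control registrations sit under the Wow6432Node view of both hives, so run the script from a 32-bit PowerShell as well if you need to cover the 32-bit browser.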
In all, there are six critical bulletins in the August batch. Besides the IE update, these cover Microsoft XML Core Services (Windows 2000 through Windows Vista); Object Linking and Embedding (OLE) automation (Vista is not affected); Microsoft Excel (Office 2000, Office 2003, Office XP and Office 2004 for Mac); the Graphics Rendering Engine (Windows 2000 through Windows Server 2003); and Vector Markup Language (IE 5.0 through IE 7.0 on Windows Vista).
The other three bulletins cover:
MS07-047 -- Two code execution holes in the way Windows Media Player parses and decompresses skins. This is rated "important."
MS07-049 -- Patches an elevation of privilege vulnerability in Microsoft Virtual PC and Microsoft Virtual Server that could allow a user of a guest operating system to run code on the host or on another guest operating system. This update carries an "important" rating.
MS07-048 -- Patches at least three serious flaws in Windows Gadgets. This "important" update is specific to Windows Vista and affects the Feed Headlines Gadget, the Weather Gadget and the Contacts Gadget.
* More to come as I wade through the nine bulletins.