Microsoft Security Bulletin MS07-003 - Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
This critical bulletin affects all versions of Outlook except Outlook 2007. Outlook Express is apparently not impacted. The patch fixes two arbitrary code execution vulnerabilities and one denial of service vulnerability. The denial of service vulnerability has been publicly disclosed. One of the arbitrary code execution vulnerabilities is particularly worrisome because it is triggered by iCal calendar appointments received in email or opened by other means. The vulnerability does not apply to iCals received through an Exchange account, since Outlook talks to Exchange over MAPI. The attack vectors are limited to email received via POP, IMAP or HTTP, or an iCal file opened from some other source such as a web page.
There is a published workaround which involves one of several ways of disabling the MapiCvt class which provides Outlook’s calendar event handling.
For clients known to receive email via POP, IMAP or HTTP, I recommend patching after minimal testing or implementing the workaround immediately.
If possible, block the download of iCal files at your web gateway to close the browser-based vector.
Otherwise I recommend patching after full testing.
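The gateway-side blocking recommended above, as an added example that is not part of the bulletin or this commentary: it flags iCal content in mail arriving over the affected transports (POP, IMAP, HTTP) and leaves MAPI delivery alone, and also catches iCal data that is mislabelled as plain text. The sample messages and the transport labels are constructed for this example.

```python
import email
from email import policy

# Constructed sample messages for this example (not taken from the bulletin).
ICAL_MSG = """\
From: sender@example.test
Subject: meeting
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

please review the attached invite
--b1
Content-Type: text/calendar; name="invite.ics"
Content-Disposition: attachment; filename="invite.ics"

BEGIN:VCALENDAR
VERSION:2.0
END:VCALENDAR
--b1--
"""
# Same iCal content, but mislabelled as plain text and without a filename.
MISLABELLED_MSG = "From: a@example.test\nContent-Type: text/plain\n\nBEGIN:VCALENDAR\nVERSION:2.0\nEND:VCALENDAR\n"
PLAIN_MSG = "From: a@example.test\nContent-Type: text/plain\n\nhello\n"

CALENDAR_TYPES = {"text/calendar", "application/ics"}
CALENDAR_EXTS = (".ics", ".vcs")


def calendar_parts(raw):
    """Return (content-type, filename) for every leaf part that carries iCal data."""
    found = []
    for part in email.message_from_string(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()
        fname = part.get_filename() or ""
        body_is_ical = False
        if ctype.startswith("text/"):
            # Catch iCal bodies whose declared type or filename hides them.
            body_is_ical = part.get_content().lstrip().startswith("BEGIN:VCALENDAR")
        if ctype in CALENDAR_TYPES or fname.lower().endswith(CALENDAR_EXTS) or body_is_ical:
            found.append((ctype, fname))
    return found


def should_block(raw, transport):
    """Block iCal-carrying mail on the affected paths; Exchange/MAPI delivery is unaffected."""
    if transport.upper() == "MAPI":
        return False
    return bool(calendar_parts(raw))
```

An HTTP gateway rule for the browser vector would apply the same test to the response body and its Content-Type / Content-Disposition headers.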