Patch Tuesday Analysis for February 2007
3 things you need to know about this Patch Tuesday’s 12 security bulletins:
1. 11 of the 12 are workstation focused with 5 being critical. The ActiveX control trend continues which you can address without patching using my free, handy dandy administrative template.
2. Do you use any of Microsoft’s anti-malware tools? See MS07-010.
3. The Office document vulnerabilities trend continues with 2 more bulletins. This is where multiple AV engines pay off. Several of you last month questioned how you can afford multiple AV products. More thoughts coming on that issue next week. In the meantime, thanks for the feedback, keep it coming.
4. Vista and Office 2007 continue to squeak by.
The chart below gives you fast facts about all 12 bulletins
| Bulletin | Exploit Types
/Technologies Affected | System Types Affected | Exploit
details public?
/ Being exploited? | Comprehensive,
practical
workaround
available? | MS severity rating | Products Affected | Notes | Randy's recommendation | MS07-013
918118 | Arbitrary code
/ Windows, Office | Workstations
Terminal Servers
| No/No | No | Important | Win2000
XP
Office 2000
Office XP
Office 2003
Office 2004 for Mac
Server 2003
Visio 2002
Project 2000
Project 2002
Microsoft Learning Essentials
| Microsoft RichEdit | | MS07-005
923723 | Arbitrary code
/ Step-by-Step Interactive Training | Workstations
Terminal Servers
| No/No | No | Important | Win2000
XP
Server 2003
| | | MS07-012
924667 | Arbitrary code
/ Windows, Visual Studio | Developer Workstations
| No/No | No | Important | Win2000
XP
Visual Studio .NET 2002
Visual Studio .NET 2003
Server 2003
| malformed embedded OLE object within a Rich Text Format (RTF) file | | MS07-011
926436 | Arbitrary code
/ Windows | Workstations
Terminal Servers
| No/No | No | Important | Win2000
XP
Server 2003
| Microsoft OLE Dialog | | MS07-009
927779 | Arbitrary code
/ MS Data Access Components | Workstations
Terminal Servers
| Yes/No | No | Critical | Win2000
XP
Server 2003
| Yet another ActiveX control | | MS07-007
927802 | Privilege elevation
/ Windows | Workstations
Terminal Servers
| No/No | No | Important | XP
| Windows Image Acquisition Service | | MS07-016
928090 | Arbitrary code
/ IE | Workstations
Terminal Servers
| Yes/No | No | Critical | Win2000
XP
Server 2003
| Multiple IE vulnerabilities | | MS07-006
928255 | Privilege elevation
/ Windows | Workstations
Terminal Servers
| No/No | No | Important | XP
Server 2003
| Physical access or Remote Desktop connection required | | MS07-008
928843 | Arbitrary code
/ Windows | Workstations
Terminal Servers
| No/No | No | Critical | Win2000
XP
Server 2003
| Another ActiveX control | Patch after testing | MS07-014
929434 | Arbitrary code
/ Word | Workstations
Terminal Servers
| Yes/Yes | No | Critical | Office 2000
Office XP
Office 2003
Office 2004 for Mac
Works 2005
Works 2004
Works 2006
| 6 malformed Word doc holes | | MS07-010
932135 | Arbitrary code
/ Microsoft Malware Protection Engine | Workstations
Terminal Servers
Servers
| No/No | No | Critical | Windows Live OneCare
Microsoft Antigen
Windows Defender
Microsoft Forefront Security
| Malformed PDF turns anti-malware engine into malware agent! | | MS07-015
932554 | Arbitrary code
/ Office, Project, Visio | Workstations
Terminal Servers
| Yes/Yes | No | Critical | Office 2000
Office XP
Office 2003
Office 2004 for Mac
Visio 2002
Project 2000
Project 2002
| Malformed Excel and PowerPoint docs | |
Receive Randy's same-day, independent analysis each Patch Tuesday
Email:
We will not share your address. Unsubscribe anytime.
|
"Thank you. I am very glad I subscribed to this newsletter.
Relevant content clearly and concisely. Finally!!!"
- John K.
"I really like the Fast Facts on this Month's Microsoft
Security Bulletins. Do you keep old copies? If yes, please let me know how I can
access them?"
-Susan D.
"Thanks, Randy. Your regular updates have streamlined my
monthly patching. Much appreciated,"
- Steve T.
"Really appreciate your patch observor. In the corporate
IT world, anything we can get our hands on that speeds the process of analyzing
threats and how they may or may not apply to our environments is a God-send.
Thanks so much for your efforts."
- Tess G.
"Many thanks for this Randy"
- Roger G.
"The chart is a REAAALLY good idea :)"
- Phil J.
"I like the table. Your insight is very valuable. "
Tom C.
"I liked your high level overview of patches in the
table. There are so many sources of patch information which can be very specific
or surrounded by other stuff that it’s refreshing to get everything summarised
like this. The “Randy’s Recommendation” comment is useful starting point too.
Please keep up the good work."
- David A.
"Your Patch Tuesday Observer is a very good tool in
making the decision whether to patch or not to patch. And also to patch asap or
to wait a while before patching. Also I do think the use of the table is realy
improving the readability of the provided information."
- Gerard T.
|