Patch Tuesday Analysis for October 2007

This month brings four Critical and two Important security updates, and if you care about your data in SharePoint, one of those Important updates (MS07-059) should be Critical too. Most of you out there will be particularly concerned about the fixes for publicly disclosed vulnerabilities in Word, IE and SharePoint. The Word and IE patches of course impact your workstations, while SharePoint should impact relatively few servers on typical networks. Here’s something to think about: How many of you use an Application Service Provider for SharePoint? I do. I’m making sure they get this patch loaded ASAP and you should too. I’m finding more and more critical business data moving into SharePoint.
 
As to the rest of the patches, unless your folks are big Kodak Image Viewer or Windows Mail/Outlook Express users, there’s no need to escalate MS07-055 or MS07-056. The same goes for MS07-058 unless you are worried about DoS attacks from insiders (e.g. college networks). My Fast Facts chart follows below.

| Bulletin | Exploit Types / Technologies Affected | System Types Affected | Exploit details public? / Being exploited? | Comprehensive, practical workaround available? | MS severity rating | Products Affected | Notes | Randy's recommendation |
|---|---|---|---|---|---|---|---|---|
| MS07-055 (923810) | Arbitrary code / Windows | Workstations, Terminal Servers | No/No | No | Critical | Win2000, XP, Server 2003 | Kodak Image Viewer – Only affects XP and 2003 if it was upgraded from 2000 | Patch after testing |
| MS07-058 (933729) | Denial of service / Windows | Workstations, Terminal Servers, Servers, Domain Controllers | No/No | No | Important | XP, Win2003, Vista, Server 2003 | | |
| MS07-057 (939653) | Arbitrary code / IE | Workstations, Terminal Servers | Yes/No | No | Critical | Win2000, XP, Vista, Server 2003 | Cumulative update addresses several vulnerabilities | Patch after testing |
| MS07-056 (941202) | Arbitrary code / Windows | Workstations, Terminal Servers | No/No | Yes | Critical | Win2000, XP, Vista, Server 2003 | Outlook Express, Mail | Disable news protocol handler; Patch after testing |
| MS07-059 (942017) | Privilege elevation, Information disclosure / Windows | Servers | Yes/No | No | Important | Office Sharepoint Server 2007, Server 2003 | Sharepoint Server | Patch after testing |
| MS07-060 (942695) | Arbitrary code / MS Word | Workstations, Terminal Servers | No/Yes | No | Critical | Office 2000, Office XP, Office 2004 for Mac | None | Patch after testing |
