Microsoft security alert.
August 14, 2007
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 14 vulnerabilities that were fixed in 9 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 9 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft XML Core Services Could Allow Remote Code Execution (MS07-042)
- Severity
- Urgent 5
- Qualys ID
- 90405
- Vendor Reference
- MS07-042
- CVE Reference
- CVE-2007-1749, CVE-2007-2223
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
This Microsoft update resolves a vulnerability in Microsoft XML Core Services.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
August 2007 Monthly Security Updates are Now Available on the ECE (KB936021)
- Consequence
- This vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services.
- Solution
-
Refer to Microsoft Security Bulletin MS07-042 for further information and patch instructions.
Microsoft has rated this issue as Critical.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS07-042 2007 Microsoft Office System(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Expression Web(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Office 2003 Service Pack 2(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Office Groove Server 2007(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Office SharePoint Server(Microsoft XML Core Services 5.0)
MS07-042 Microsoft Word Viewer 2003(Microsoft XML Core Services 5.0)
MS07-042 Windows 2000 Service Pack 4(Microsoft XML Core Services 3.0)
MS07-042 Windows 2000 Service Pack 4(Microsoft XML Core Services 4.0)
MS07-042 Windows 2000 Service Pack 4(Microsoft XML Core Services 6.0)
MS07-042 Windows Server 2003 Service Pack 1(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2(Microsoft XML Core Services 4.0)
MS07-042 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2(Microsoft XML Core Services 6.0)
MS07-042 Windows Server 2003 Service Pack 2(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 with SP1 for Itanium-based Systems(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft XML Core Services 4.0)
MS07-042 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft XML Core Services 6.0)
MS07-042 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 x64 Edition(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 x64 Edition Service Pack 2(Microsoft XML Core Services 3.0)
MS07-042 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2(Microsoft XML Core Services 4.0)
MS07-042 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2(Microsoft XML Core Services 6.0)
MS07-042 Windows Server 2008 for 32-bit Systems(Microsoft XML Core Services 4.0)
MS07-042 Windows Server 2008 for Itanium-based Systems(Microsoft XML Core Services 4.0)
MS07-042 Windows Server 2008 for x64-based Systems(Microsoft XML Core Services 4.0)
MS07-042 Windows Vista(Microsoft XML Core Services 3.0)
MS07-042 Windows Vista(Microsoft XML Core Services 6.0)
MS07-042 Windows Vista and Windows Vista Service Pack 1(Microsoft XML Core Services 4.0)
MS07-042 Windows Vista x64 Edition(Microsoft XML Core Services 3.0)
MS07-042 Windows Vista x64 Edition(Microsoft XML Core Services 6.0)
MS07-042 Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1(Microsoft XML Core Services 4.0)
MS07-042 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2(Microsoft XML Core Services 3.0)
MS07-042 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2(Microsoft XML Core Services 4.0)
MS07-042 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2(Microsoft XML Core Services 6.0)
MS07-042 Windows XP Service Pack 2(Microsoft XML Core Services 3.0)
MS07-042 Windows XP Service Pack 2(Microsoft XML Core Services 4.0)
MS07-042 Windows XP Service Pack 2(Microsoft XML Core Services 6.0)
MS07-042 Windows XP Service Pack 3(Microsoft XML Core Services 4.0)
-
Microsoft OLE Automation Could Allow Remote Code Execution (MS07-043)
- Severity
- Critical 4
- Qualys ID
- 90404
- Vendor Reference
- MS07-043
- CVE Reference
- CVE-2007-2224
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
A remote code execution vulnerability exists when a user accesses a specially crafted Web page.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
August 2007 Monthly Security Updates are Now Available on the ECE (KB921503)
- Consequence
-
This vulnerability could be exploited through attacks on Object Linking and Embedding (OLE). Users with administrative rights are affected more than users with fewer rights.
This vulnerability exists in all supported editions of Windows 2000, Windows XP, Office 2004 for Mac, Windows Server 2003 and Visual Basic 6.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5c35b6e8-732a-4451-b5d4-23ed63e6e792
Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6e8de050-8589-4831-ae19-075c93509485
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=b85bb583-dc61-4d37-b458-208f5bb07ece
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=15d4d4fa-9bab-4da5-978e-f89c78c8086a
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6608d722-3ef8-4085-b771-7b17bb0ba06e
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fc04451a-0696-4a21-b2b6-f02d4e2c33bf
Microsoft Office 2004 for Mac:
http://www.microsoft.com/mac/downloads.aspx#Office2004
Microsoft Visual Basic 6.0 Service Pack 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E1646FB0-29D5-4A6E-A8D2-304C4D7735B7
Refer to Microsoft Security Bulletin MS07-043 for further details.
-
Microsoft Excel Could Allow Remote Code Execution (MS07-044)
- Severity
- Urgent 5
- Qualys ID
- 110063
- Vendor Reference
- MS07-044
- CVE Reference
- CVE-2007-3890
- CVSS Scores
- Base 9.3 / Temporal 6.9
- Description
- Microsoft Excel is prone to a remote code execution issue due to insufficient handling of malformed Excel files. Specifically, Excel does not perform sufficient validation when denoting the index value for a Workspace.
- Consequence
- An attacker who successfully exploits this vulnerability could run arbitrary code on the affected system as the logged on user.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Office 2000 Service Pack 3 (Microsoft Excel 2000 Service Pack 3):
http://www.microsoft.com/downloads/details.aspx?FamilyId=082B98F7-9556-4F1F-823A-C41DDF5A7C9A
Microsoft Office XP Service Pack 3 (Microsoft Excel 2002 Service Pack 3):
http://www.microsoft.com/downloads/details.aspx?FamilyId=91308769-2577-4F9F-8209-06F2C8C8A86F
Microsoft Office 2003 Service Pack 2 (Microsoft Excel 2003 Service Pack 2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=B0130E9E-8845-4D79-AAA1-A21CC9388ABE
Microsoft Office 2003 Service Pack 2 (Microsoft Excel Viewer 2003):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C4A87572-3128-44F7-8069-95535A78500A
Microsoft Office 2004 for Mac (Microsoft Office 2004 for Mac):
http://www.microsoft.com/mac/downloads.aspx#Office2004
Refer to Microsoft Security Bulletin MS07-044 for further details.
-
Cumulative Security Update for Internet Explorer (MS07-045)
- Severity
- Critical 4
- Qualys ID
- 100050
- Vendor Reference
- MS07-045
- CVE Reference
- CVE-2007-0943, CVE-2007-2216, CVE-2007-3041
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
A remote code execution vulnerability exists in Internet Explorer Versions 5.01, 6 and 7.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
August 2007 Monthly Security Updates are Now Available on the ECE (KB937143)
- Consequence
-
A specially crafted Web page using Internet Explorer may allow remote code execution. Administrative users are impacted more than users with fewer rights.
Two of the vulnerabilities are addressed by setting the kill bit for ActiveX controls. The third vulnerability is addressed by modifying the way that Internet Explorer handles CSS files containing particular strings.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 5.01 Service Pack 4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=FCF9440F-BB36-4ED1-9B6B-74A4F055650B
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 6 Service Pack 1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8DB75461-4DCA-43DB-AA30-C7E67CE954AD
Windows XP Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=5D31D916-867F-4DBF-B8A4-C75EA83F4F51
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=B15B2442-D6DA-41DD-A424-11C9893BE595
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=F2F9FB69-0399-4DF0-9F5B-8F42A130C581
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=D0BD886D-2C80-4DD7-82B7-1BD1F8D398CC
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=BF41033A-D6F0-451E-9B69-4CBE2BB3F804
Windows XP Service Pack 2 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=7A2B4395-EABA-45EC-8D0C-932EBCC3D344
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=CD7ED4D5-7790-41DB-8B68-CFD59105CA36
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=4F8DAED8-9925-494D-B2F5-1E29F4040F6A
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS07-045.
-
Windows GDI Could Allow Remote Code Execution (MS07-046)
- Severity
- Critical 4
- Qualys ID
- 90407
- Vendor Reference
- MS07-046
- CVE Reference
- CVE-2007-3034
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
A remote code execution vulnerability exists in the Graphics Rendering Engine because of the way that it handles specially crafted images.
An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted email attachment.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
August 2007 Monthly Security Updates are Now Available on the ECE (KB938829)
- Consequence
-
An attacker who successfully exploits this vulnerability could gain the same user rights as the local user.
Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=8fc8340b-c2b3-4559-835c-caa00cf086b9
Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=dc29475d-c0bb-4d35-8dd6-4ca1cac32315
Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=3c81730a-981a-4649-b2d9-45144230d512
Windows Server 2003 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5374583d-de68-4d65-bca8-598d6b98b8b3
Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=c3359f27-e03e-4a4f-b896-3bda39f69f7e
Windows Server 2003 with SP1 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=92822479-2060-4357-a340-ed096f180b2b
Refer to Microsoft Security Bulletin MS07-046 for further details.
-
Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (MS07-047)
- Severity
- Critical 4
- Qualys ID
- 90406
- Vendor Reference
- MS07-047
- CVE Reference
- CVE-2007-3035, CVE-2007-3037
- CVSS Scores
- Base 7.6 / Temporal 5.6
- Description
-
1. Windows Media Player Code Execution Vulnerability Parsing Skins - CVE-2007-3037
Windows Media Player incorrectly handles header information contained in skin files, which leads to this code execution issue.
2. Windows Media Player Code Execution Vulnerability Decompressing Skins - CVE-2007-3035
The second remote code execution vulnerability exists in Windows Media Player.
Both issues can be exploited in a Web-based attack as well as an email attack scenario.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
August 2007 Monthly Security Updates are Now Available on the ECE (KB936782)
- Consequence
- An attacker who successfully exploits this vulnerability could take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Windows 2000 Service Pack 4 (Windows Media Player 7.1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=9f46b1fc-ee7b-437f-9492-67d003711021
Windows 2000 Service Pack 4 (Windows Media Player 9):
http://www.microsoft.com/downloads/details.aspx?FamilyId=bd4a6474-5fde-415e-840e-7d973cb71c95
Windows XP Service Pack 2 (Windows Media Player 9):
http://www.microsoft.com/downloads/details.aspx?FamilyId=bd4a6474-5fde-415e-840e-7d973cb71c95
Windows XP Service Pack 2 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=48f5a9d3-b859-4cb6-a68e-abde76a14782
Windows XP Service Pack 3 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=48f5a9d3-b859-4cb6-a68e-abde76a14782
Windows XP Professional X64 Edition (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=949580be-cbb3-4271-8ca0-0ead7f2d8801
Windows XP Professional X64 Edition Service Pack 2 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=949580be-cbb3-4271-8ca0-0ead7f2d8801
Windows Server 2003 Service Pack 1 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8d9f1fdf-6d4c-44d4-9b5f-bdbe8ac28d7f
Windows Server 2003 Service Pack 2 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8d9f1fdf-6d4c-44d4-9b5f-bdbe8ac28d7f
Windows Server 2003 x64 Edition (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=2c04c7f2-728e-43bd-8574-26e411fcd129
Windows Server 2003 x64 Edition Service Pack 2 (Windows Media Player 10):
http://www.microsoft.com/downloads/details.aspx?FamilyId=2c04c7f2-728e-43bd-8574-26e411fcd129
Windows XP Service Pack 2 (Windows Media Player 11):
http://www.microsoft.com/downloads/details.aspx?FamilyId=a690d042-1137-4aaf-bd0e-565ea04d1f2b
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS07-047.
-
Windows Gadgets Could Allow Remote Code Execution (MS07-048)
- Severity
- Serious 3
- Qualys ID
- 115613
- Vendor Reference
- MS07-048
- CVE Reference
- CVE-2007-3032, CVE-2007-3033, CVE-2007-3891
- CVSS Scores
- Base 6.8 / Temporal 5
- Description
-
Windows Gadgets are mini applications. They can connect to Web services to deliver business data, weather information, news updates, traffic maps, Internet radio streams, and even integrate with other programs to provide streamlined interaction.
Microsoft Security Bulletin MS07-048 addresses remote code execution issues with the following gadgets:
- Windows Vista Feed Headlines Gadget
- Windows Vista Contacts Gadget
- Windows Vista Weather Gadget
- Consequence
- An attacker could run code with the privileges of the logged on user.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Windows Vista:
http://www.microsoft.com/downloads/details.aspx?FamilyId=49a5bd84-da71-4529-b4d3-ac57dab59e01
Windows Vista x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=24443f59-b908-480b-9b72-7094d4b5e128
Refer to Microsoft Security Bulletin MS07-048 for further details.
-
Virtual PC and Virtual Server Could Allow Elevation of Privilege (MS07-049)
- Severity
- Serious 3
- Qualys ID
- 115612
- Vendor Reference
- MS07-049
- CVE Reference
- CVE-2007-0948
- CVSS Scores
- Base 9.3 / Temporal 6.9
- Description
- An elevation of privilege vulnerability exists in Microsoft Virtual PC and Microsoft Virtual Server due to inaccurate initialization of components that communicate with the host operating system.
- Consequence
- An attacker could take complete control of an affected system. The attacker could then gain access to host or other guest operating systems.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Virtual PC 2004:
http://www.microsoft.com/downloads/details.aspx?FamilyId=cbdeaa50-7115-4673-97c4-10009f9c5c42
Microsoft Virtual PC 2004 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=17ffe5a2-3551-4858-93b6-5e25af87d808
Microsoft Virtual Server 2005 Standard Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=bc02ea6d-2884-4637-9894-3413a71329ee
Microsoft Virtual Server 2005 Enterprise Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=da474b6f-9f0c-43f6-b432-050f7e76967d
Microsoft Virtual Server 2005 R2 Standard Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=43fa1327-8e5e-4c92-901f-1ff2a0a087b4
Microsoft Virtual Server 2005 R2 Enterprise Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=c2fc16c4-1fb0-4c09-b04a-684b40df8517
Microsoft Virtual PC for Mac Version 6.1:
http://www.microsoft.com/mac/downloads.aspx#VPC
Microsoft Virtual PC for Mac Version 7:
http://www.microsoft.com/mac/downloads.aspx#VPC
Refer to Microsoft Security Bulletin MS07-049 for further details.
-
Vector Markup Language Vulnerability Could Allow Remote Code Execution (MS07-050)
- Severity
- Urgent 5
- Qualys ID
- 100051
- Vendor Reference
- MS07-050
- CVE Reference
- CVE-2007-1749
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
This Microsoft update resolves a vulnerability in the Vector Markup Language (VML) implementation in Windows.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
December 2008 Updates are Available (including for XPe SP3 and Standard) (KB938127)
October 2007 Monthly Security Updates are Now Available on the ECE (KB938127)
August 2007 Monthly Security Updates are Now Available on the ECE (KB938127)
- Consequence
- The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 5.01 Service Pack 4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=31E63D6F-B6B7-41D7-8AE6-DD7FCF89D477
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 6 Service Pack 1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=7099D33A-0EF6-423F-824E-757482517612
Windows XP Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=4447D74F-09EA-4BE0-9DAE-C243CE657FB7
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=98CCD207-F4D0-4625-AEAB-0EBF1643A5FD
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=463535AA-E04E-4A30-B3AB-8CD6D8CDD13C
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=9D4375D4-FB9B-4771-BD6F-E5D23EEDBC6B
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft Internet Explorer 6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C7BE313B-3405-42E1-9E4B-0CB6BF3D2CB1
Windows XP Service Pack 2 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=9F5DA816-194C-478E-8A96-9421A0C52C9F
Windows XP Service Pack 3 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=9F5DA816-194C-478E-8A96-9421A0C52C9F
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (Windows Internet Explorer 7):
http://www.microsoft.com/downloads/details.aspx?FamilyId=1C3168A9-D959-4137-868A-EC70DA737C21
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS07-050.
These new vulnerability checks are included in Qualys vulnerability signature 1.18.24-5. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure that TCP ports 135 and 139 are accessible.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 90405
- 90404
- 110063
- 100050
- 90407
- 90406
- 115613
- 115612
- 100051
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provide organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.