The security update for February 2007 includes seven updates for Microsoft Windows, and one update for Internet Explorer.
Bulletin Description
|
Impact
|
Bulletin Rating
|
Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
|
Remote Code Execution
|
Critical
|
Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution(927779)
Affected Software:
- Microsoft Data Access Components 2.5 Service Pack 3 on Microsoft Windows 2000 Service Pack 4
- Microsoft Data Access Components 2.8 Service Pack 1 on Microsoft Windows XP Service Pack 2
- Microsoft Data Access Components 2.8 on Microsoft Windows Server 2003
- Microsoft Data Access Components 2.8 on Microsoft Windows Server 2003
|
Remote Code Execution
|
Critical
|
Cumulative Security Update for Internet Explorer (928090)
Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
Affected Components:
- Microsoft Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
- Microsoft Internet Explorer 6 Service Pack 1 when installed on Windows 2000 Service Pack 4
- Microsoft Internet Explorer 6 for Windows XP Service Pack 2
- Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
- Microsoft Internet Explorer 6 for Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems and Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
- Windows Internet Explorer 7 for Windows XP Service Pack 2
- Windows Internet Explorer 7 for Windows XP Professional x64 Edition
- Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1
- Windows Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Internet Explorer 7 for Windows Server 2003 x64 Edition
|
Remote Code Execution
|
Critical
|
Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)
Affected Software:
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
|
Elevation of Privilege
|
Important
|
Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)
Affected Components:
- Microsoft Windows XP Service Pack 2
|
Elevation of Privilege
|
Important
|
Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
|
Remote Code Execution
|
Important
|
Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)
Affected Components:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
- Microsoft Visual Studio .NET 2002
- Microsoft Visual Studio .NET 2002 Service Pack 1
- Microsoft Visual Studio .NET 2003
- Microsoft Visual Studio .NET 2003 Service Pack 1
|
Remote Code Execution
|
Important
|
Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)
Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
- Microsoft Office 2000 Service Pack 3
- Microsoft Office 2003 Service Pack 2
- Microsoft Project 2000 Service Release 1
- Microsoft Office 2000 Multilanguage Packs
- Microsoft Project 2002 Service Pack 1
- Microsoft Visio 2002 Service Pack 2
- Microsoft Learning Essentials 1.0, 1.1, and 1.5 for Microsoft Office
- Microsoft Global Input Method Editor for Office 2000 (Japanese)
- Microsoft Office 2004 for Mac
|
Remote Code Execution
|
Important
|