Today we released seven security bulletins. One has a maximum severity rating of Critical with the other six having a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.
|Bulletin||Most likely attack vector||Max Bulletin Severity||Max Exploit-ability rating||Likely first 30 days impact||Platform mitigations and key notes|
|Victim browses to a malicious website or opens a malicious media file.||Critical||1||Likely to see exploit code developed in next 30 days.||
Windows 7 not affected by default by either of the two vulnerabilities.
See this SRD blog post for more information.
|Victim opens a malicious PPS or DOC file.||Important||1||Likely to see exploit code developed in next 30 days.|
|Attacker logs-in locally to a machine and exploits the vulnerability to elevate to a higher privilege level.||Important||1||Likely to see exploit code developed in next 30 days.||Only affects systems with double-byte consoles. (English locale not affected.)
Windows Vista and later platforms not affected.
|Victim browses to a malicious WebDAV or SMB share and opens a Publisher (PUB) file. Publisher executes a potentially malicious executable hosted on the same WebDAV or SMB share.||Important||1||Likely to see exploit code developed in next 30 days.|
(SSL / TLS)
|Victim browses to a trusted website via HTTPS. A malicious attacker positioned on the network as a man-in-the-middle actively attacks the session by injecting content into the stream to exploit this vulnerability and a second vulnerability (to bypass the browser’s same origin policy) resulting in content from the HTTPS session being leaked to the attacker.||Important||3||Exploit code for information disclosure is already available. However, this vulnerability cannot be leveraged for code execution.||See this SRD blog post for more background on the vulnerability.|
|Web application expecting the anti-XSS library to sanitize content by removing script might inadvertently consume a string containing script.||Important||3||This vulnerability cannot be leveraged for code execution.|
|If an attacker is able to (separately) discover a code execution vulnerability in an application developed using Visual C++ 2003 RTM, it may be less difficult than it otherwise would be to subsequently develop an exploit due to SafeSEH not being enforced.||Important||3||This vulnerability cannot be leveraged for code execution.||See this SRD blog post for more background on the vulnerability.|
- Jonathan Ness, MSRC Engineering