Zeroday Internet Explorer vulnerability update



The infocon level at incidents.org has been lowered back to green although there is still no patch for this issue from Microsoft and the threat still exists. They like to use the higher level to get attention to an issue, but not leave it on higher alert level for extended periods. They also have noted that Microsoft has updated their advisory.


Below is their summary of the details.

Following statements are summary of updated information.
The affected versions of Msdds.dll are 7.0.9064.9112 and 7.0.9446.0. Customers who have Msdds.dll with version 7.0.9955.0, 7.10.3077.0, or higher on their systems are not affected by this vulnerability.

The Microsoft DDS Library Shape Control (Msdds.dll) does not ship in the .NET Framework.

Microsoft Office 2003 are not affected by this vulnerability. (ships a higher version dll)

Microsoft Access 2003 are not affected by this vulnerability. (ships a higher version dll)

Microsoft Visual Studio 2003 are not affected by this vulnerability. (ships a higher version dll)

Microsoft Visual Studio 2002 Service Pack 1 are not affected by this vulnerability. (ships a higher version dll)

Microsoft Office XP Service Pack 3 are not by default affected by this vulnerability. However, its only in a vulnerable configuration if VS runtime library files are in the search path for Internet Explorer. These files are Msvcr70.dll and Msvscp70.dll. For instance by placing them in the same directory as Msdds.dll or in the %windir%/system32 directory could expose Office XP customers to this issue.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft updates are out for July and they affect no fewer than 18 issues in Office and Windows. 13 issues are tagged as critical, others as important. They are all bundled into 7 update downloads. 8 vulnerabilities within Excel have been addressed in all of this. Office 2000 users will have to manually update (Office XP/2003......
  • Out of Cycle Windows Update - Patch Today Yesterday news broke of an out of cycle security patch for Windows. The bulletin is available from Microsoft. Apparently the vulnerability was in the Windows Server service (XP, 2003, 2000, 2008, Vista ALL affected though regardless of server/workstation/client/desktop/etc...). The RPC handling (remote procedure call) is the achilles heel this time......
  • Microsoft vulnerability whack-a-mole continues..... Translation - Microsoft patched one vulnerability another surfaces.... Incidents.org brings us the frustrating news.... If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released......
Blog Traffic Exchange Related Websites
  • Microsoft ships Windows 7 SP1 and Windows Server 2008 R2 SP1 Microsoft has released the Service Pack 1 (SP1) update for Windows 7 and Windows Server 2008 R2. The update is available via the Microsoft's Update Center or Windows Update. The service pack releases add to the performance improvements and security enhancements to the existing versions of corresponding operating systems. Below......
  • Fake Prosperity: U.S. National Debt Growth vs. GDP Growth If you're a member of Gen X and Gen Y, this is probably the scariest chart you will see in 2011, and possibly, right up to the time you're old and gray. As you can clearly see, the crony capitalism, fake prosperity, recycled Keynesianism¬†memes et al., have¬†been a great......
  • Houston computers affected by virus A virus is playing havoc with the municipal court operations in Houston. The court system had to close down Friday afternoon after a computer virus affected access to data on court cases. Courtroom operations aren't expected to be back in business before Thursday morning. People can pay fines and conduct......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site